Contacts
Book a 30-min discovery call
Close

Contacts

J.B. Road, 43, Kanwachal Rd, near Maharishi Vidyamandir, Krishna Nagar, Chandmari, Guwahati, Assam 781003

+91 9395303089

info@synthweb.in

Where We Use AI Coding Tools in Client Builds (and Where We Still Don’t)

AI coding tools used in production software development with human review for critical systems

AI coding tools in production software development are now part of almost every engineering conversation. Every client eventually asks whether we use them. The answer is yes — selectively, with guardrails, and not in the places where bugs cost real money. This post lays out exactly where AI tools appear in our engineering workflow and where they do not, and the three rules that govern every AI-generated line in client code.

Credibility on this question comes from specificity, so this is the specific answer: SynthWeb engineers currently use GitHub Copilot Enterprise and Cursor AI on client builds. Claude Code is used for certain documentation and test generation tasks. The tools change as the category evolves — what does not change is the framework for deciding where they are and are not appropriate.

Where AI coding tools earn their place

AI coding tools reduce software development time through boilerplate generation documentation test generation and pull request scanning

Boilerplate generation. CRUD endpoint scaffolding, database migration files, API client setup, standard middleware configuration. These are patterns that are consistent, well-defined, and easily reviewed. AI-generated boilerplate saves 30 to 40 percent of the time on these tasks and produces output that a human engineer can validate in a few minutes. The review step is mandatory — we do not ship AI-generated code without a human reading it.

Documentation. JSDoc comments, README files, API documentation generated from existing code. AI tools produce first drafts that are approximately 80 percent accurate. An engineer reviews, corrects inaccuracies, and supplements with context the tool does not have. This saves approximately 35 percent of documentation time across an engagement.

Test case generation. Given a function, generate 8 to 10 test cases covering the obvious paths, boundary conditions, and error states. The engineer reviews the list, removes tests that are redundant or incorrect, and adds cases the tool missed. The tool is faster at enumeration; the engineer is better at judgment. Combined, they produce better test coverage in less time than either alone. Time saving: approximately 25 percent on test writing.

Pre-review PR scanning. Before a PR goes to human review, an AI scan catches unused imports, missing error handling, obvious type mismatches, and common security anti-patterns. This reduces the noise in code review so human reviewers spend time on architecture and logic, not syntax. Time saving: 15 to 20 percent of review time.

Where AI coding tools are not used

Authentication and authorisation logic. AI-generated auth code has well-documented failure modes — subtle permission bypasses, JWT validation gaps, session management errors. The cost of an auth vulnerability is user data exposure, regulatory consequences, and trust loss. We write auth manually, test it specifically, and do not use AI assistance on this layer.

Payment processing. Stripe integration, webhook handling, refund logic, subscription state management. The cost of a bug in a payment flow is direct financial loss — either the merchant’s or the customer’s. Every payment-related function at SynthWeb is written by a senior engineer, reviewed by a second senior engineer, and tested against Stripe’s test event library. No AI assistance in this layer.

Database schema design. Schema decisions require understanding the business domain — the entities, the relationships, the queries the product actually needs to run over a three-year horizon. AI tools do not have this understanding. A schema designed by an AI tool will reflect the surface-level UI requirements, not the underlying domain model. We covered why this matters in our article on technical debt.

Complex domain-specific business logic. Insurance calculation rules, logistics routing algorithms, financial reporting pipelines, healthcare data workflows. These require domain knowledge the tool does not have and have failure modes that are expensive or regulated.

The three guardrails

Every AI-generated line in client code at SynthWeb is subject to three rules: a human engineer reviews every block before it is merged, the same test standards apply to AI-generated code as to human-written code, and AI usage is disclosed to clients on request. These are not aspirational guidelines — they are enforced by the review process.

AI coding tools guardrail policy with human review testing standards and client disclosure requirements

FAQ

Does using AI tools reduce the engagement cost? AI tools reduce time on specific tasks, which translates to faster delivery rather than a lower price. The value to the client is speed and consistency, not a lower invoice. Our product engineering process focuses on delivering software faster without compromising production quality.

Does SynthWeb worry that AI will replace engineers? No. The four categories above where AI is used are all tasks where human judgment validates the AI output. The categories where AI is not used are the ones where judgment cannot be delegated. Both categories still require engineers.

Which specific tools does SynthWeb currently use? GitHub Copilot Enterprise, Cursor AI, and Claude Code for select documentation tasks. This list reflects current usage as of June 2026.