Instructions: Read the three news summaries (A–C). Then answer all questions A)–D). In this section, you will get only correctness feedback—no answers are revealed. Full answers and explanations appear later.
Summary A
OpenAI has hired the small team behind “Alex,” an AI coding assistant that plugged directly into Apple’s Xcode. The move folds the Alex engineers into the group building OpenAI’s next coding agent. While existing users will still receive maintenance, the standalone Alex app is set to stop new downloads in early October. The shift reflects a broader consolidation: Apple has added ways to access outside AI tools in Xcode itself, and platform‑level assistants are becoming table stakes. For developers, the acqui‑hire hints that AI coding features may ship deeper inside core tools rather than live as separate add‑ons. It also raises questions about longevity and vendor lock‑in as independent plugins give way to first‑party integrations.
Summary B
A new industry analysis reports a trade‑off in AI‑assisted coding. Teams using code assistants can ship far more lines in less time and see fewer syntax or simple logic errors. Yet security findings surge: issues such as leaked credentials, privilege‑escalation paths, cloud misconfigurations, and shaky architecture appear more often when AI generates multi‑file changes. The report warns that volume can mask risk, as reviewers struggle to spot design flaws hidden inside large diffs. Companies rolling out mandatory AI coding policies are urged to invest in threat modeling, secure defaults, and careful human review. In short, productivity goes up—but so may the blast radius unless guardrails catch problems early.
Summary C
Security researchers described a “CopyPasta” technique that plants hidden prompts inside common documentation files, like README or LICENSE. Because many assistants treat such files as authoritative, the malicious text can be reproduced into new files the tool writes, quietly spreading across a codebase. The method targets popular AI coding editors and agents and could insert backdoors or data‑exfiltration steps without an obvious alert. The disclosure arrives as some large companies report a sizable share of daily code now written with AI. Experts recommend scanning repositories for suspicious comments, limiting what files assistants can read, and requiring humans to review generated changes before merging.
A) Reading Comprehension (5 questions)
1) Main idea
Which statement best captures a theme shared by Summaries A–C?
2) Detail (Summary A)
What is planned for the Alex app after early October?
3) Inference (Summary B)
Given the trends described, which practice is most critical to add when adopting AI code assistants?
4) Vocabulary in context (Summary C)
In this context, the word “propagate” is closest in meaning to:
5) True / False (Summary B)
AI assistance eliminates syntax errors entirely and reduces the need for human oversight.
B) Vocabulary & Collocation (5 questions)
1) Vocabulary
In Summary A, “acqui‑hire” most nearly means:
2) Vocabulary
Which definition best fits vulnerability as used in Summaries B–C?
3) Vocabulary
To propagate malicious prompts across a repository means to:
4) Collocation
Before merging AI‑generated changes, the team conducts a thorough code ____.
5) Collocation
Fill the blank with the best word: Strong ______ oversight is essential when using coding agents.
C) Grammar Cloze (2 items)
1) Theme: Passive voice (future)
According to Summary A: “New downloads will stop after early October, but the app ______ for existing users.”
2) Theme: Modals of possibility
From Summary C: “If hidden prompts are embedded in documentation, they ______ across repositories.”
D) Speaking Prompt (30 seconds)
Task
Topic: Companies are embedding AI agents into developer workflows while researchers flag new risks (e.g., hidden prompt attacks). In 30 seconds, state your position: Should organizations scale “vibe coding” beyond prototypes into core systems? Include one pro and one con.
Tip: Use signposting (First, However, Therefore) and concrete examples.
Answers & Explanations
Print note: this section starts on a new page when printing.
A) Reading Comprehension
Answer: B. AI is moving deeper into tools, boosting speed but demanding oversight. Developers gain speed (A, B) while risks like prompt‑based attacks and design flaws require control (B, C).
Answer: B. The app stops new downloads after early October but continues maintenance for current users. This reflects a shift from standalone plugins to integrated tooling.
Answer: C. Architectural/threat reviews are essential because AI produces large multi‑file diffs where design flaws and misconfigurations may hide.
Answer: B. Propagate = spread/multiply, especially across files or systems.
Answer: B. AI reduces some errors but does not eliminate them; increased findings demand human oversight.
B) Vocabulary & Collocation
acqui‑hire → C. Hiring a startup’s team instead of buying the company. Example: “The cloud giant made an acqui‑hire to speed up its agent roadmap.”
vulnerability → D. A weakness exploitable by attackers. Example: “Scanning caught a privilege‑escalation vulnerability introduced by an assistant.”
propagate → B. To spread from place to place. Example: “A poisoned LICENSE file can propagate risky code across new modules.”
code review → A. Natural collocation meaning a systematic check of code before merging. Example: “Every AI‑generated diff must pass code review.”
human oversight → C. Natural collocation for accountable supervision by people. Example: “Human oversight decides whether the agent’s plan is acceptable.”
C) Grammar Cloze
Correct:will be maintained. Passive (future) — be + past participle describes an action done to the subject in future time.
Correct:can propagate (also acceptable: may/could propagate). Modals of possibility — use a modal + base verb to show non‑certain outcomes.
D) Speaking Prompt — Sample Outline (not a full script)
Hook: “AI can code in minutes—but what about the blast radius?” →
Point: Scale vibecoding only with guardrails. →
Evidence: Speed gains vs. rising security findings; hidden‑prompt risks; integration trends. →
Counter: Prototypes alone won’t deliver ROI; careful rollout to non‑critical areas first. →
Close: “Adopt fast, review faster—humans sign the merge.”
Sources
OpenAI hires the team behind Xcode coding assistant Alex / TechCrunch / https://techcrunch.com/2025/09/05/openai-hires-the-team-behind-xcode-coding-assistant-alex-codes/ / 2025-09-05 JST
AI is creating code faster — but this also means more potential security issues (Apiiro report) / TechRadar Pro / https://www.techradar.com/pro/ai-is-creating-code-faster-but-this-also-means-more-potential-security-issues / 2025-09-05 JST
Coinbase’s Go‑To AI Coding Tool Found Vulnerable to ‘CopyPasta’ Exploit / CoinDesk / https://www.coindesk.com/tech/2025/09/06/coinbase-s-go-to-ai-coding-tool-found-vulnerable-to-copypasta-exploit / 2025-09-06 JST
All article content above is paraphrased for educational use.