[QGIS-Developer] QGIS Plugins and AI Generation

Régis Haubourg regis.haubourg at gmail.com
Mon Feb 9 09:48:31 PST 2026 

Hi, I agree AI is making the plugin's ecosystem being boosted, with all 
the good and bad sides you mentioned.

I like the idea of a field in metadata.txt for a spontaneous disclosure.
 From what we see on PR's or security disclosures is that some AI users 
are reluctant to reveal they worked with AI. And probably, many dev's 
will use a bit of AI autocompletion most of the time.
It takes some rounds of discussions to spot that they don't fully 
understand the code they produced, which is the famous AI slop.
So in my opinion, we should be able to use a `ai_possible_derivative` 
flag as moderators, from the plugin's catalog. Maybe it is time to set 
up a full community discussion and voting system, just as internet 
browsers do for plugins.
  One should be able to signal a malicious, or badly coded plugin 
triggering crashes. And moderators should be able to ban / alert / flag 
plugins beyond the volontary metadata.txt tooling. And maybe we would 
have to add automated scanners for security security, code smells, and 
now AI smells..

Maybe Lova could tell us about ho this is doable, and if we have the 
resources to do this this year.

Cheers
Régis


On 2/9/26 14:36, Admire Nyakudya via QGIS-Developer wrote:
>
> Dear All
>
> The rapid proliferation of AI tools has led to a noticeable increase 
> in QGIS plugins being created and uploaded to the registry.
>
> The bonus points for these new plugin are:
>
>   * functionality gaps are being filled faster
>   * workflows are consolidated
>   * innovation is happening at pace.
>
>
> However, it also introduces new challenges for the QGIS plugin 
> ecosystem, particularly around trust, review, and governance.
>
> While responsibility ultimately lies with end users to decide which 
> plugins they trust, the growing use of AI-assisted or AI-generated 
> code raises additional concerns beyond those already discussed in 
> recent QGIS pull requests/code base related to AI usage.
>
> The plugin approval process relies heavily on volunteer effort and 
> with the many plugins being uploaded we have to rely heavily on 
> authors to submit high-quality, secure, and maintainable code.
>
> The plugin review process is not focused on code review but does so in 
> limited circumstances. End users rely on author reputation, plugin 
> ratings— as indicators to trust the plugin quality and usefulness.
>
> To improve transparency and support informed decision-making, it may 
> be worth introducing an optional metadata flag in *metadata.txt*, for 
> example:
>
> *ai_derivative = yes*
>
> All existing plugins could default to no, with the flag applied to new 
> or updated plugins going forward. This would not act as a quality 
> judgement, but rather as a disclosure mechanism, allowing users to 
> filter plugins and assess trust based on their own criteria, alongside 
> authorship and plugin rating.
>
> Regards
>
> Admire (Active plugin reviewer)
>
> -- 
> Email Signature
>
> GIS Engineer
>
> Location: Geolocate me here <https://w3w.co/amused.thunder.wins>
>
> Phone: +27639664031 <tel:+27639664031>
>
> Email: addloe at gmail.com
>
> Social Media:
>
>   * LinkedIn <https://www.linkedin.com/in/mazano-gis-geek>
>   * GitHub <https://github.com/NyakudyaA>
>
>
> _______________________________________________
> QGIS-Developer mailing list
> QGIS-Developer at lists.osgeo.org
> List info:https://lists.osgeo.org/mailman/listinfo/qgis-developer
> Unsubscribe:https://lists.osgeo.org/mailman/listinfo/qgis-developer

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/qgis-developer/attachments/20260209/b1c594aa/attachment.htm>

More information about the QGIS-Developer mailing list