I disagree. Much of what makes software complex for us, makes it complex for LLM just as well. E.g:

- a very large codebase

- a codebase which is not modularized into cohesive parts

- niche languages or frameworks

- overly 'clever' code

Yeah, the main problem is that most companies / people don't give a f*ck about security because it is not a key feature. It's only a marketing stamp. You want it good enough to sell the products, but you don't want to spent too much on it. So instead you go vibe coding. The baby is dead born.

LLMs can read and reverse engineer minified javascript and disassemble motorola 68000 assembly code.

You need to check out how Claude uses Ghidra MCP or even tell it to use radare2 to disassemble even proprietary hardware ROMs.

We don't even come close to what LLM can understand in just a few minutes.

I regularly run it on large codebases because I'm not able to grasp it in any reasonable timeline.