There are already companies that exist to audit the security of codebases programmatically so this will just be part of the flow