If an AI can find a vulnerability for a hacker, it will also find that vulnerability for a security researcher, so that point is moot.

There exists a danger that very good hackers will be able to find vulnerabilities by looking through the source code, but very good hackers find vulnerabilities without source code anyway.

Consider the following: Would you rather walk down a busy street hundreds of other people walking by, including police officers, good samaritans, and maybe people who want to do you harm, or would you rather walk down a dark ally with only four people in it?