Sure, but how confident can they be that it doesn't also do things they don't want?
Tests can't be exhaustive, whereas even a mediocre developer is likely to possess enough background knowledge to notice risks that a non-developer would not think to test.
People keep forgetting that we haven't reached AGI yet. These tools can still make serious and sometimes obvious mistakes. Not long ago, vibe-coded software could embed credentials directly. That particular blunder seems to have been addressed, but there is still no reliable way to tell an LLM to avoid every class of obvious blunder.
The un-hidden secret is that QA and real testing doesn't exist much anymore. People aren't surprised when things break, they just want it fixed quickly, and AI can do that.
I hear you, but when their choices are “flawed solution that exists” vs “perfect one that doesn’t” they will pick the former most of the time.