1) The prompts/pipelines portain to proprietary IP that may or may not be allowed to be shown publically.
2) The prompts/pipelines are boring and/or embarrassing and showing them will dispel the myth that agentic coding is this mysterious magical process and open the people up to dunking.
For example in the case of #2, I recently published the prompts I used to create a terminal MIDI mixer (https://github.com/minimaxir/miditui/blob/main/agent_notes/P...) in the interest of transparency, but those prompts correctly indicate that I barely had an idea how MIDI mixing works and in hindsight I was surprised I didn't get harrassed for it. Given the contentious climate, I'm uncertain how often I will be open-sourcing my prompts going forward.
1) the code AI produces is full of problems, and if you show it, people will make fun of you, or
2) if you actually run the code as a service people can use, you'll immediately get hacked by people to prove that the code is full of problems.
The Cloudflare OAuth lib is impressive, I will readily admit that. But they also clearly mention that of course everything was carefully reviewed, and that not everything was perfect but that the AI was mostly able to fix things when told to. This was surely still a lot of work, which makes this story also much more realistic in my opinion. It surely greatly sped up the process of writing an OAuth library - how much exactly is however hard to say. Especially in security-relevant code, the review process is often longer than the actual writing of the code.