Sillygoose Sillygoose

Vibe Coding: How AI is Changing the Way Developers Write Code

Reading Time: 6 minutesReading Time: 6 minutes

“First we shape our tools, then our tools shape us.”
Marshall McLuhan

Vibe Coding

How AI turned code into conversation, culture, and sometimes catastrophe

For decades, programming carried the aura of precision and patience. The craft was portrayed as logical, exact, and almost ascetic. Lines of code were unforgiving every semicolon mattered, every bracket closed, every mistake punished with red text on a terminal. But that world is shifting. Code no longer lives only in syntax; it pulses with color, context, and prediction. AI copilots have transformed programming into a dialogue. You prompt, it riffs. You hesitate, it finishes your thought. You nod, it ships. What once was a solitary craft is now part duet, part jam session.

But here lies the paradox: the smoother the flow, the greater the temptation to skip the friction. And in programming, friction is safety. Vibe coding—the shorthand for this new AI-driven style of software creation rewards intuition and speed. Yet, it risks burying the discipline’s oldest truth: verification is not optional. The results are dazzling, but so are the failures. Welcome to the age where code is neon and culture, but also a liability waiting to be exploited.

Always the headliners

Peak hype, peak bugs

AI assistants have gone from novelty to necessity almost overnight. GitHub Copilot, OpenAI integrations, and in-house copilots at major firms now scaffold microservices, glue APIs together, and churn out test suites while developers sip their morning coffee. What once took days of boilerplate now takes minutes. The vibe is acceleration, the promise is democratization, but the reality is complicated.

The numbers paint a colder picture. In its 2025 GenAI Code Security Report, Veracode found that 45 percent of AI-generated code failed baseline security checks. The deeper you dive, the more alarming it gets. In Java, failure rates spike to 72 percent. Against common vulnerabilities like cross-site scripting (XSS), defenses were absent in 86 percent of samples. That’s not harmless oversight—that’s production-ready code with built-in landmines. If the internet is an ecosystem, these aren’t bugs. They’re invasive species.

And the fallout doesn’t stay theoretical. Consider the Tea app, launched as a women-first community where privacy was the product. It became a textbook example of vibes over vigilance. AP News reported over 72,000 images exposed, many of them verification selfies. Legal filings revealed the breach spilled more than a million private messages. Encryption was weak, APIs were brittle, and what was pitched as safe space became spectacle. This is the heart of the vibe coding paradox: you can’t patch trust after the breach. Speed thrills, but it also kills.

Nine lives, infinite risks

The myth of effortless chic

Part of vibe coding’s appeal is the illusion of effortlessness. Describe a mood, an intent, a quick prompt, and get working code. It’s frictionless chic—the sense that software is just one clever request away. But shortcuts are rarely free. In software, they often become open doors. A textbook example: the autocomplete hallucination. Your assistant suggests a library that doesn’t exist. It looks plausible enough, you install it. Attackers, watching the namespace, register the fake package and seed it with malware. Congratulations you’ve been supply chain hacked by vibes.

This isn’t hypothetical. Package poisoning is already a booming attack vector. What’s new is how AI normalizes the trap. When an autocomplete suggestion carries the weight of authority, we stop questioning it. That’s not efficiency it’s engineered gullibility. The badge of legitimacy comes not from provenance, but from presentation.

Even iteration, the cornerstone of safe coding, can backfire under AI. Developers assume that asking an assistant for multiple rewrites improves quality. Fresh analyses summarized in Veracode’s 2025 report suggest the opposite: security often degrades across rounds of automated rewrites. Code looks sleeker variables renamed, formatting cleaned, comments polished while underlying flaws persist or worsen. It’s like polishing a cracked glass: it shines brighter, but it’s no safer to drink from.

The new exploits

Autocomplete as attack surface

Attackers adapt as quickly as the tools. If AI makes developers faster, it makes adversaries sharper too. TechRadar recently covered a campaign where Microsoft intercepted attackers embedding AI-generated SVG files inside PDFs to slip malicious payloads past filters. The exploit was ingenious in its simplicity: weaponize the very fluency of AI to craft artifacts that look benign but aren’t. It’s a reminder that AI doesn’t tilt the battlefield toward defense it accelerates both sides equally.

The frontier now is context itself. Consider the XOXO class of attacks described on arXiv. Instead of exploiting your code, they exploit what your assistant ingests. Poisoned snippets or files nudge the model into producing insecure code that looks correct on the surface. No alerts trigger. No red flags rise. It’s a slow bend off course that, compounded over time, becomes a canyon. This is the AI twist on social engineering: manipulating not the person, but the assistant quietly shaping their work.

Even the assistants themselves bleed at the seams. Tenable disclosed three vulnerabilities in Google’s Gemini assistant tools, later patched but sobering. The flaws enabled search injection, log-to-prompt injection, and exfiltration via a browsing plugin. Each one effectively turned the assistant into a backdoor. Patching is good, but existence is the point. Assistants are not magical shields they’re new, complex surfaces with their own cracks waiting to be tested.

Infrastructure with its zipper down

MCP and the open door problem

Behind every assistant lies infrastructure, and much of it is being deployed with the caution of a weekend hackathon. The Model Context Protocol (MCP) was designed to connect AI models with tools, files, and systems. In theory, it’s a bridge. In practice, it’s often an open gate. ITPro reported multiple MCP servers exposed on the open internet, bound to 0.0.0.0, reachable with little or no authentication. Another ITPro piece described a malicious MCP instance quietly exfiltrating email. The logic is simple: if your assistant can talk to that server, the server can talk back. And in security, inbound trust is a dangerous default.

The problem isn’t just sloppy deployment; it’s cultural. The same ethos that fuels rapid prototyping ship it, demo it, vibe it seeps into infrastructure. But assistants aren’t weekend projects. They are connective tissue between sensitive systems. Treating them like side experiments is leaving the zipper down on an ecosystem that doesn’t forgive exposure.

Coding as culture

The bug that became content

What once lived in incident docs now trends on TikTok. Outages aren’t just postmortems they’re content. Developers livestream assistants failing hilariously, cursed regex screenshots circulate as memes, and bizarre stack traces become teaching moments. The Tea app breach was dissected like gossip. The Gemini trifecta played out like a celebrity scandal. In the culture of vibe coding, spectacle replaces reflection.

The danger is that attention economics rewards velocity, not resilience. Shipping code gets likes. Writing a sober postmortem does not. And so the culture loops: speed over safety, spectacle over security. But software isn’t performance art. It’s infrastructure. It holds our data, our identities, and our trust. When we treat it as content, we risk forgetting it also runs the world.

The field kit

Keep the vibes, drop the breaches

So how do you hold onto the flow without inviting catastrophe? The answer isn’t abandoning assistants—it’s using them with discipline. Think of it as carrying a field kit: tools and habits that keep the rush of vibe coding from collapsing into regret.

  • Treat AI output as a draft. Every suggestion is a sketch, not scripture. Edit line by line. If you can’t explain the threat model in one breath, it’s not ready.
  • Pin and verify dependencies. Autocomplete isn’t provenance. Use allowlists, checksums, and verified sources. Unknown package name means pause, not push.
  • Scan in the loop. Don’t wait until production. Run SAST, SCA, and secret scans on AI code before merge. Catch the fire while it’s smoke.
  • Harden context. Lock MCP servers behind authentication and TLS with narrow scopes. No open binds. No ambient trust.
  • Prompt like an engineer. Don’t just ask for “a login form.” Ask for parameterized queries, input validation, output encoding, rate limits, and least privilege. Security is as much in the ask as the answer.
  • Quarantine the assistant. Separate networks, separate secrets. Sandboxes exist for a reason. Don’t give copilots the keys to production.
  • Keep receipts. Write commit messages that document security choices. When things break—and they will—those breadcrumbs make audits humane.

Next on the Shelf

Because your code isn’t just output it’s leverage and liability

Final thought

Schrödinger’s software

Vibe coding isn’t evil. It’s human. It’s the natural urge to trade friction for flow, to let curiosity and creativity outrun bureaucracy. And flow is addictive. But speed without skepticism is how cool demos turn into public apologies. Code can be elegant and broken at the same time until you test it. That paradox isn’t a bug it’s the condition of modern software. Hold it on purpose.

If you want the Snowden answer, remember that trust is a design choice. If you want the Hank Green answer, curiosity is a safety feature. Keep both turned on. That’s how vibe coding stops being catastrophe and becomes craft.

References

Was this helpful?

Thanks for your feedback!

Comments are closed