Vibe coding went from Andrej Karpathy’s tweet to Collins Dictionary’s Phrase of the 12 months in underneath twelve months. In Y Combinator’s Winter 2025 batch, 25% of startups had codebases that had been 95% or extra AI-generated. GitHub has reported that Copilot was liable for a mean of 46% of code being written throughout programming languages, and 61% in Java.
So sure, it has grow to be the brand new regular and everybody’s doing it however sadly, most individuals are doing it badly. The instruments like Claude Code and Cursor are superb however most vibe coders use them like autocomplete on steroids, like a genie: simply immediate randomly and anticipate it to prepare dinner. However belief me the output seems loopy at first look till the codebase is a multitude the agent itself cannot navigate, lol.So on this information, we cowl 5 issues which may make you pretty much as good as a developer who went to highschool for this. Possibly higher.
1. Use CLAUDE.md and Guidelines as Persistent Context
Each Claude Code or Cursor session begins with the agent having seen nothing about your challenge earlier than. It reads no matter information you level it at, infers what it will probably, and guesses the remaining. For small remoted duties that’s nice however for something heavy it’s not, as a result of these guesses preserve compounding.
Let’s say you might be three weeks into constructing a SaaS billing system. You open a brand new session and ask the agent so as to add a utilization based mostly pricing tier. It doesn’t know you have already got a BillingService class in /companies/billing.py. It doesn’t know you standardized on Stripe’s price_id format for all pricing objects. So it creates a brand new PricingService, picks its personal format, and builds one thing parallel to your present structure. 4 periods later you’ve two billing techniques and neither is full.
A CLAUDE.md file on the root of your challenge will get learn in the beginning of each session. Here’s what an actual one seems like for a SaaS challenge:
# Undertaking: Acme SaaS
## Stack
- Node.js + Categorical backend
- PostgreSQL with Prisma ORM
- React + TypeScript frontend
- Stripe for billing (worth IDs observe format: price_[plan]_[interval])
## Key companies
- /companies/billing.py — all Stripe logic lives right here, don't create parallel billing code
- /companies/auth.py — JWT + refresh token sample, see present implementation earlier than touching auth
- /lib/db.ts — single Prisma shopper occasion, import from right here
## Conventions
- All API responses: { knowledge, error, meta } form
- Errors at all times use AppError class, by no means plain Error
- Each DB question wants express subject choice, no choose *
## Don't contact
- /legacy/funds/ — deprecated, being eliminated in Q3
- /auth/oauth.py — frozen till SSO shipsCursor now paperwork Guidelines and AGENTS.md for persistent directions. GitHub Copilot helps repository-wide instruction information like .github/copilot-instructions.md, and a few Copilot agent surfaces additionally learn AGENTS.md, CLAUDE.md, and GEMINI.md.
While you add a brand new service or set up a brand new conference, replace the file instantly. It turns into the agent’s reminiscence between periods.
Yet another factor: context rot is actual. A 2025 Chroma examine of 18 fashions discovered measurable accuracy drops as conversations grew longer, even on easy duties. A 40-message session protecting three options is slower and fewer correct than three separate 15-message periods. Open a brand new dialog for every distinct job. Pin solely the information related to that job.
2. Make the Agent Plan Earlier than It Builds
The default conduct of each agentic device is to start out writing code the second you describe one thing. For a self-contained job like “add a subject to this type” that’s nice however for something with actual scope it would create issues you don’t discover till you might be deep into the implementation.
Here’s a concrete instance. You’re constructing a crew invitation system: a consumer enters an e-mail, the system sends an invitation, the recipient clicks a hyperlink, creates an account, and will get added to the crew. Sounds easy however that characteristic touches your customers desk, your groups desk, a brand new invites desk, your e-mail service, your auth circulate, and your JWT technology. If the agent misunderstands how your auth circulate works and builds the invitation acceptance logic towards a special assumption, you’ll not discover out till the characteristic is usually carried out.
Earlier than any characteristic with scope, ship this primary:
Earlier than writing any code: analyze the codebase, then give me a step-by-step plan
for constructing the crew invitation system. Checklist each file you'll modify, each
file you'll create, each DB migration wanted, and any assumptions you might be
making concerning the present code. Don't write code but.
A great plan output seems like this:
Information to change:
- /routes/groups.ts — add POST /groups/:id/invite and POST /groups/accept-invite
- /companies/e-mail.ts — add sendTeamInvite() utilizing present Resend shopper
- /prisma/schema.prisma — add Invitation mannequin
Information to create:
- /companies/invites.ts — token technology, validation, expiry logic
DB migration:
- invites desk: id, team_id, e-mail, token (distinctive), expires_at, accepted_at
Assumptions:
- Invite tokens expire after 48 hours
- Inviting an already-registered e-mail nonetheless goes via the invite circulate
- No invite restrict per crew presentlyLearn that a few instances and ensure: Is the 48-hour expiry proper? Did it miss the speed limiting you want? Is it utilizing the e-mail service appropriately? Repair the plan earlier than a single line of code will get written.
The opposite facet of that is immediate specificity. The extra exactly you describe what you need, the much less the agent has to deduce.
| Imprecise | Particular |
|---|---|
| “Add funds” | Combine Stripe Checkout for the Professional plan ($29/month). On success, set consumer.plan = ‘professional’ and consumer.stripe_customer_id. On cancellation redirect to /pricing. Use present BillingService in /companies/billing.ts. |
| “Construct an API” | REST endpoint POST /api/reviews. Accepts { start_date, end_date, metric } in request physique. Validates dates with Zod. Queries the occasions desk grouped by day. Returns { knowledge: [{ date, count }], complete }. |
| “Repair the sluggish question” | The GET /api/customers endpoint takes 4 seconds. The customers desk has 800k rows. Add a database index on created_at and rewrite the question to make use of pagination (restrict 50, cursor-based). Don’t change the response form. |
3. Use a Separate Evaluate Agent for Safety and Logic
Coding brokers are optimized to finish duties, to not perceive why each guardrail exists. Columbia DAPLab has documented recurring failure patterns throughout main coding brokers, together with safety points, knowledge administration errors, and weak codebase consciousness. That makes blind belief harmful: the identical agent that fixes a bug can even take away the test that was stopping a worse one.
The clearest actual instance of this: within the Replit agent incident of 2025, the autonomous agent deleted a challenge’s major manufacturing database as a result of it determined the database wanted cleanup. It was following its optimization goal. It was additionally violating an express instruction to not modify manufacturing knowledge. And sadly, no human reviewed what it was about to do.
The agent that wrote your code shouldn’t be in a superb place to catch its personal errors. Claude Code helps subagents: separate brokers that run in utterly remoted contexts with no reminiscence of what the primary agent constructed. You outline them in .claude/brokers/:
---
title: security-reviewer
description: Evaluations code for safety points after implementation is full
instruments: Learn, Grep, Glob
mannequin: opus
---
You're a senior safety engineer doing a pre-ship overview.
For each route added or modified, test:
- Is authentication enforced? Can an unauthenticated request attain this?
- Is the consumer approved? Can consumer A entry consumer B's knowledge?
- Is enter validated earlier than it hits the database?
- Are there any hardcoded secrets and techniques, API keys, or credentials?
Report: file title, line quantity, particular challenge, prompt repair.
Don't summarize. Report each challenge you discover.
After your principal agent finishes constructing the invitation system:
Use the security-reviewer subagent on all of the information we simply created or modified.
Here’s what an actual reviewer output seems like:
/routes/groups.ts line 47
Difficulty: POST /groups/accept-invite doesn't confirm the token belongs to the
e-mail tackle of the logged-in consumer. Any authenticated consumer who is aware of a legitimate
token can settle for any invite.
Repair: Add test that invitation.e-mail === req.consumer.e-mail earlier than accepting.
/companies/invites.ts line 23
Difficulty: Token generated with Math.random() — not cryptographically safe.
Repair: Change with crypto.randomBytes(32).toString('hex').
Neither of these would have been caught by the constructing agent. Each would have made it to prod.
Escape.tech’s scan of 5,600 vibe-coded apps discovered over 400 uncovered secrets and techniques and 175 situations of PII uncovered via endpoints. Most of it’s precisely this class of challenge, authorization logic that works functionally however has holes.
4. Immediate in Layers, Not in One Big Spec
Function task modifications what the agent prioritizes. “Construct this characteristic” and “Act as a senior engineer who has been burned by poorly examined fee code earlier than. Construct this characteristic.” produce completely different outputs. The second will add edge case dealing with, write extra defensive validation, and flag assumptions it’s not positive about. The mannequin responds to framing.
Construct options in layers, not abruptly. The usual mistake when constructing one thing like a Stripe integration is to ask for the entire thing in a single immediate. You get code that compiles however has the billing logic, webhook dealing with, and database updates tangled collectively. As an alternative:
Immediate 1:
Arrange the Stripe Checkout session creation solely.
Endpoint: POST /api/subscribe
Accepts: { price_id, user_id }
Returns: { checkout_url }
Don't deal with webhooks but. Don't replace the database but. Simply the session creation.
Evaluate that. Ensure that the Stripe shopper is initialized appropriately, the precise price_id is being handed, the success and cancel URLs level to the precise locations.
Immediate 2:
Now add the Stripe webhook handler.
Endpoint: POST /api/webhooks/stripe
Deal with these occasions solely: checkout.session.accomplished, buyer.subscription.deleted
On checkout.session.accomplished: set consumer.plan = 'professional', consumer.stripe_customer_id = buyer id from occasion
On buyer.subscription.deleted: set consumer.plan = 'free'
Confirm the webhook signature utilizing STRIPE_WEBHOOK_SECRET from env.
Evaluate that individually, test the signature verification, additionally that the consumer lookup is appropriate.
Every layer is reviewable and has a transparent scope. If one thing is improper you understand precisely the place.
Use pseudo-code when you understand the logic however not the implementation:
Construct a price limiter for the /api/send-invite endpoint.
Logic:
- Key: user_id + present hour (e.g. "user_123_2026041514")
- Restrict: 10 invitations per hour per consumer
- On restrict exceeded: return 429 with { error: "Price restrict exceeded", retry_after: seconds till subsequent hour }
- Use Redis if out there within the challenge, in any other case in-memory Map is okay
That is extra correct than “add price limiting to the invite endpoint” as a result of you’ve specified the important thing construction, the restrict, the error response form, and the storage desire. There may be virtually nothing left to guess.
Nearly all of builders transport AI generated code spend reasonable to vital time correcting it. Solely round 10% ship it near as is. These are principally skilled Claude Code customers with tight CLAUDE.md information and structured construct periods.
Learn each diff earlier than committing. git diff earlier than each commit. When the agent has modified a file you didn’t ask it to the touch, both the immediate left room for interpretation or the agent overreached. Each are price understanding earlier than the code goes wherever.
Prohibit what the agent can entry. The permissions.deny block in ~/.claude/settings.json prevents the agent from studying or writing particular paths. A .cursorignore file does the identical in Cursor.
{
"permissions": {
"deny": [
"/auth/oauth.py",
"/.env",
"/.env.production",
"/legacy/**",
"/migrations/**"
]
}
}
Oh, migrations deserve particular point out. An agent that may write its personal migration information can silently alter your database schema. Preserve migrations out of attain and write them your self after reviewing what the agent constructed.
Take a look at instantly after each characteristic. Not as a separate job later, proper after. “Now write unit assessments for the invitation service we simply constructed. Cowl: token expiry, duplicate invite to similar e-mail, settle for with improper consumer, settle for with expired token.” The agent that simply constructed the characteristic is aware of the sting instances. Ask for assessments whereas that context is reside.
That is it. Share with whoever wants it. Glad prompting!
