Vibe coding went from Andrej Karpathy’s tweet to Collins Dictionary’s Phrase of the 12 months in below twelve months. In Y Combinator’s Winter 2025 batch, 25% of startups had codebases that have been 95% or extra AI-generated. GitHub has reported that Copilot was liable for a mean of 46% of code being written throughout programming languages, and 61% in Java.
So sure, it has turn into the brand new regular and everybody’s doing it however sadly, most individuals are doing it badly. The instruments like Claude Code and Cursor are wonderful however most vibe coders use them like autocomplete on steroids, like a genie: simply immediate randomly and await it to cook dinner. However belief me the output seems loopy at first look till the codebase is a large number the agent itself cannot navigate, lol.So on this information, we cowl 5 issues which may make you nearly as good as a developer who went to highschool for this. Perhaps higher.
1. Use CLAUDE.md and Guidelines as Persistent Context
Each Claude Code or Cursor session begins with the agent having seen nothing about your mission earlier than. It reads no matter recordsdata you level it at, infers what it may well, and guesses the remainder. For small remoted duties that’s positive however for something heavy it isn’t, as a result of these guesses hold compounding.
Let’s say you might be three weeks into constructing a SaaS billing system. You open a brand new session and ask the agent so as to add a utilization primarily based pricing tier. It doesn’t know you have already got a BillingService class in /providers/billing.py. It doesn’t know you standardized on Stripe’s price_id format for all pricing objects. So it creates a brand new PricingService, picks its personal format, and builds one thing parallel to your present structure. 4 classes later you will have two billing programs and neither is full.
A CLAUDE.md file on the root of your mission will get learn in the beginning of each session. Here’s what an actual one seems like for a SaaS mission:
# Venture: Acme SaaS
## Stack
- Node.js + Specific backend
- PostgreSQL with Prisma ORM
- React + TypeScript frontend
- Stripe for billing (value IDs comply with format: price_[plan]_[interval])
## Key providers
- /providers/billing.py — all Stripe logic lives right here, don't create parallel billing code
- /providers/auth.py — JWT + refresh token sample, see present implementation earlier than touching auth
- /lib/db.ts — single Prisma consumer occasion, import from right here
## Conventions
- All API responses: { information, error, meta } form
- Errors all the time use AppError class, by no means plain Error
- Each DB question wants specific subject choice, no choose *
## Don't contact
- /legacy/funds/ — deprecated, being eliminated in Q3
- /auth/oauth.py — frozen till SSO shipsCursor now paperwork Guidelines and AGENTS.md for persistent directions. GitHub Copilot helps repository-wide instruction recordsdata like .github/copilot-instructions.md, and a few Copilot agent surfaces additionally learn AGENTS.md, CLAUDE.md, and GEMINI.md.
Whenever you add a brand new service or set up a brand new conference, replace the file instantly. It turns into the agent’s reminiscence between classes.
Yet one more factor: context rot is actual. A 2025 Chroma research of 18 fashions discovered measurable accuracy drops as conversations grew longer, even on easy duties. A 40-message session protecting three options is slower and fewer correct than three separate 15-message classes. Open a brand new dialog for every distinct activity. Pin solely the recordsdata related to that activity.
2. Make the Agent Plan Earlier than It Builds
The default habits of each agentic software is to start out writing code the second you describe one thing. For a self-contained activity like “add a subject to this kind” that’s positive however for something with actual scope it should create issues you don’t discover till you might be deep into the implementation.
Here’s a concrete instance. You’re constructing a workforce invitation system: a person enters an electronic mail, the system sends an invitation, the recipient clicks a hyperlink, creates an account, and will get added to the workforce. Sounds easy however that characteristic touches your customers desk, your groups desk, a brand new invites desk, your electronic mail service, your auth move, and your JWT era. If the agent misunderstands how your auth move works and builds the invitation acceptance logic in opposition to a special assumption, you’ll not discover out till the characteristic is generally achieved.
Earlier than any characteristic with scope, ship this primary:
Earlier than writing any code: analyze the codebase, then give me a step-by-step plan
for constructing the workforce invitation system. Checklist each file you'll modify, each
file you'll create, each DB migration wanted, and any assumptions you might be
making in regards to the present code. Don't write code but.
An excellent plan output seems like this:
Recordsdata to switch:
- /routes/groups.ts — add POST /groups/:id/invite and POST /groups/accept-invite
- /providers/electronic mail.ts — add sendTeamInvite() utilizing present Resend consumer
- /prisma/schema.prisma — add Invitation mannequin
Recordsdata to create:
- /providers/invites.ts — token era, validation, expiry logic
DB migration:
- invites desk: id, team_id, electronic mail, token (distinctive), expires_at, accepted_at
Assumptions:
- Invite tokens expire after 48 hours
- Inviting an already-registered electronic mail nonetheless goes via the invite move
- No invite restrict per workforce presentlyLearn that a few instances and ensure: Is the 48-hour expiry proper? Did it miss the speed limiting you want? Is it utilizing the e-mail service appropriately? Repair the plan earlier than a single line of code will get written.
The opposite aspect of that is immediate specificity. The extra exactly you describe what you need, the much less the agent has to deduce.
| Obscure | Particular |
|---|---|
| “Add funds” | Combine Stripe Checkout for the Professional plan ($29/month). On success, set person.plan = ‘professional’ and person.stripe_customer_id. On cancellation redirect to /pricing. Use present BillingService in /providers/billing.ts. |
| “Construct an API” | REST endpoint POST /api/experiences. Accepts { start_date, end_date, metric } in request physique. Validates dates with Zod. Queries the occasions desk grouped by day. Returns { information: [{ date, count }], whole }. |
| “Repair the gradual question” | The GET /api/customers endpoint takes 4 seconds. The customers desk has 800k rows. Add a database index on created_at and rewrite the question to make use of pagination (restrict 50, cursor-based). Don’t change the response form. |
3. Use a Separate Evaluate Agent for Safety and Logic
Coding brokers are optimized to finish duties, to not perceive why each guardrail exists. Columbia DAPLab has documented recurring failure patterns throughout main coding brokers, together with safety points, information administration errors, and weak codebase consciousness. That makes blind belief harmful: the identical agent that fixes a bug may take away the test that was stopping a worse one.
The clearest actual instance of this: within the Replit agent incident of 2025, the autonomous agent deleted a mission’s main manufacturing database as a result of it determined the database wanted cleanup. It was following its optimization goal. It was additionally violating an specific instruction to not modify manufacturing information. And sadly, no human reviewed what it was about to do.
The agent that wrote your code will not be in a very good place to catch its personal errors. Claude Code helps subagents: separate brokers that run in utterly remoted contexts with no reminiscence of what the primary agent constructed. You outline them in .claude/brokers/:
---
title: security-reviewer
description: Opinions code for safety points after implementation is full
instruments: Learn, Grep, Glob
mannequin: opus
---
You're a senior safety engineer doing a pre-ship evaluate.
For each route added or modified, test:
- Is authentication enforced? Can an unauthenticated request attain this?
- Is the person approved? Can person A entry person B's information?
- Is enter validated earlier than it hits the database?
- Are there any hardcoded secrets and techniques, API keys, or credentials?
Report: file title, line quantity, particular situation, recommended repair.
Don't summarize. Report each situation you discover.
After your primary agent finishes constructing the invitation system:
Use the security-reviewer subagent on all of the recordsdata we simply created or modified.
Here’s what an actual reviewer output seems like:
/routes/groups.ts line 47
Concern: POST /groups/accept-invite doesn't confirm the token belongs to the
electronic mail handle of the logged-in person. Any authenticated person who is aware of a sound
token can settle for any invite.
Repair: Add test that invitation.electronic mail === req.person.electronic mail earlier than accepting.
/providers/invites.ts line 23
Concern: Token generated with Math.random() — not cryptographically safe.
Repair: Exchange with crypto.randomBytes(32).toString('hex').
Neither of these would have been caught by the constructing agent. Each would have made it to prod.
Escape.tech’s scan of 5,600 vibe-coded apps discovered over 400 uncovered secrets and techniques and 175 situations of PII uncovered via endpoints. Most of it’s precisely this class of situation, authorization logic that works functionally however has holes.
4. Immediate in Layers, Not in One Big Spec
Function project modifications what the agent prioritizes. “Construct this characteristic” and “Act as a senior engineer who has been burned by poorly examined cost code earlier than. Construct this characteristic.” produce completely different outputs. The second will add edge case dealing with, write extra defensive validation, and flag assumptions it isn’t certain about. The mannequin responds to framing.
Construct options in layers, not . The usual mistake when constructing one thing like a Stripe integration is to ask for the entire thing in a single immediate. You get code that compiles however has the billing logic, webhook dealing with, and database updates tangled collectively. As an alternative:
Immediate 1:
Arrange the Stripe Checkout session creation solely.
Endpoint: POST /api/subscribe
Accepts: { price_id, user_id }
Returns: { checkout_url }
Don't deal with webhooks but. Don't replace the database but. Simply the session creation.
Evaluate that. Be certain the Stripe consumer is initialized appropriately, the best price_id is being handed, the success and cancel URLs level to the best locations.
Immediate 2:
Now add the Stripe webhook handler.
Endpoint: POST /api/webhooks/stripe
Deal with these occasions solely: checkout.session.accomplished, buyer.subscription.deleted
On checkout.session.accomplished: set person.plan = 'professional', person.stripe_customer_id = buyer id from occasion
On buyer.subscription.deleted: set person.plan = 'free'
Confirm the webhook signature utilizing STRIPE_WEBHOOK_SECRET from env.
Evaluate that individually, test the signature verification, additionally that the person lookup is appropriate.
Every layer is reviewable and has a transparent scope. If one thing is improper you realize precisely the place.
Use pseudo-code when you realize the logic however not the implementation:
Construct a fee limiter for the /api/send-invite endpoint.
Logic:
- Key: user_id + present hour (e.g. "user_123_2026041514")
- Restrict: 10 invitations per hour per person
- On restrict exceeded: return 429 with { error: "Fee restrict exceeded", retry_after: seconds till subsequent hour }
- Use Redis if out there within the mission, in any other case in-memory Map is ok
That is extra correct than “add fee limiting to the invite endpoint” as a result of you will have specified the important thing construction, the restrict, the error response form, and the storage desire. There may be nearly nothing left to guess.
Nearly all of builders transport AI generated code spend average to vital time correcting it. Solely round 10% ship it near as is. These are largely skilled Claude Code customers with tight CLAUDE.md recordsdata and structured construct classes.
Learn each diff earlier than committing. git diff earlier than each commit. When the agent has modified a file you didn’t ask it to the touch, both the immediate left room for interpretation or the agent overreached. Each are value understanding earlier than the code goes wherever.
Prohibit what the agent can entry. The permissions.deny block in ~/.claude/settings.json prevents the agent from studying or writing particular paths. A .cursorignore file does the identical in Cursor.
{
"permissions": {
"deny": [
"/auth/oauth.py",
"/.env",
"/.env.production",
"/legacy/**",
"/migrations/**"
]
}
}
Oh, migrations deserve particular point out. An agent that may write its personal migration recordsdata can silently alter your database schema. Preserve migrations out of attain and write them your self after reviewing what the agent constructed.
Take a look at instantly after each characteristic. Not as a separate activity later, proper after. “Now write unit assessments for the invitation service we simply constructed. Cowl: token expiry, duplicate invite to similar electronic mail, settle for with improper person, settle for with expired token.” The agent that simply constructed the characteristic is aware of the sting circumstances. Ask for assessments whereas that context is dwell.
That is it. Share with whoever wants it. Completely satisfied prompting!
