5 considerations for your vibe coding journey

I would have not had “coding with vibes” on my dev career bingo card, yet here we are… Using AI to write code is an incredible productivity unlock. For a developer like me, it means I can focus on conceptualizing new features for my project and asking AI to write the code that would otherwise be repetitive. And for non-developers, it means opening the door to building projects of their own. There are problems with relying too heavily on AI for coding, such as it being inconsistent in the it writes, being overly ambitious when trying to “help”, or just straight up producing bad code that doesn’t work. So to overcome these challenges, here are 5 tips you should consider on your vibing journey. Verify everything Code reviews are more important than ever. You should be checking everything that AI creates for you and you should completely understand everything that the code it writes does. Do not blindly accept what these tools write, it’s just asking for trouble down the road. Use it to explain concepts AI will inevitably write something you don’t completely understand, which provides a great opportunity to learn. Ask it to explain snippets of code so you can learn while you build. Here’s the trick though: you shouldn’t even trust it’s explanations. AI’s will lie to you (although for some reason we call it “hallucinations”) and it will do so very confidently. Even if it’s explanation sounds trustworthy, try and find other sources to verify that, be it an online blog, forum, or even community of other developers. Build with consistent patterns You should understand the patterns and paradigms of any framework or language you are working with and try to steer your coding tools towards producing code that follows your preferences. For instance, I like using server actions over API routes with Next.js, and at the begining of a project I constantly find myself reminding my tools to favor Use global rules if available Building on my previous point, use rules to guide your tools to follow your preferences. My preferred coding AI is Windsurf, and it supports the concept of global rules to help guide its output. Here is a screenshot of my own rules in Windsurf: Triple check security It is absolutely vital that you understand the fundamentals of security when building web applications with AI. We’ve seen the stories of a founder building a product with AI that starts to get some traction, only for it to be hacked into using trivial methods. The thing about security is that something will work if it’s insecure (arguably easier than if it is), so it’s not enough to just get the thing working. You need to understand how security is implemented in your project to ensure your users’ data is protected, and that the future of your project is safe from being hacked.

Mar 29, 2025 - 13:47

5 considerations for your vibe coding journey

I would have not had “coding with vibes” on my dev career bingo card, yet here we are…

Using AI to write code is an incredible productivity unlock. For a developer like me, it means I can focus on conceptualizing new features for my project and asking AI to write the code that would otherwise be repetitive. And for non-developers, it means opening the door to building projects of their own.

There are problems with relying too heavily on AI for coding, such as it being inconsistent in the it writes, being overly ambitious when trying to “help”, or just straight up producing bad code that doesn’t work. So to overcome these challenges, here are 5 tips you should consider on your vibing journey.

Verify everything

Code reviews are more important than ever. You should be checking everything that AI creates for you and you should completely understand everything that the code it writes does. Do not blindly accept what these tools write, it’s just asking for trouble down the road.

Use it to explain concepts

AI will inevitably write something you don’t completely understand, which provides a great opportunity to learn. Ask it to explain snippets of code so you can learn while you build. Here’s the trick though: you shouldn’t even trust it’s explanations.

AI’s will lie to you (although for some reason we call it “hallucinations”) and it will do so very confidently. Even if it’s explanation sounds trustworthy, try and find other sources to verify that, be it an online blog, forum, or even community of other developers.

Build with consistent patterns

You should understand the patterns and paradigms of any framework or language you are working with and try to steer your coding tools towards producing code that follows your preferences. For instance, I like using server actions over API routes with Next.js, and at the begining of a project I constantly find myself reminding my tools to favor

Use global rules if available

Building on my previous point, use rules to guide your tools to follow your preferences. My preferred coding AI is Windsurf, and it supports the concept of global rules to help guide its output. Here is a screenshot of my own rules in Windsurf:

Triple check security

It is absolutely vital that you understand the fundamentals of security when building web applications with AI. We’ve seen the stories of a founder building a product with AI that starts to get some traction, only for it to be hacked into using trivial methods.

The thing about security is that something will work if it’s insecure (arguably easier than if it is), so it’s not enough to just get the thing working. You need to understand how security is implemented in your project to ensure your users’ data is protected, and that the future of your project is safe from being hacked.