The new era of Vibe Coding is here

With all the hype around AI and its spin off phrases, you may have come across the saying 'Vibe Coding', but what is it? 

Before we dig in, I am calling this out up front, I am not a coder. I have dabbled in many areas over my time in tech, but app development has simply been a now and then hobby. Things have changed significantly since I first dipped my toes in and like any spoken language, coding is a perishable skill and it’s constantly evolving.  

What is Vibe coding? 

So, getting back on track, what is Vibe Coding? It is a way to build software using AI, by using natural language through simple conversational prompts. This 'programming by intent' enables you to focus on the desired outcomes and app behaviour with AI doing the challenging work of coding in the background for you.  

You ask your chosen AI to build your basic project, app or a tool, then enhance it by adding additional features as you go.  

Once you are happy with the initial results, you can then further use AI to evaluate and 'debug' it with your feedback. For example, 'that new feature didn’t work; try ABC instead' or 'change the layout or styling to be more like XYZ'. You can also give it examples to work from.  
 
This is really powerful for rapid prototyping and for non-coders to get working demos or even create internal tools for your team members! However, don’t get me wrong, it still needs plenty of oversight, thorough testing, and lots of guidance.  

 What are the main benefits of Vibe Coding? 

In my humble opinion and based on my time having a really good play with it, I see the following benefits of this new way of developing. 

• Time saving: That quintessential resource we never have enough of. AI can produce code much faster than any regular developer, which is why so many developers are turning to AI to aid with project deliveries and ever tighter timelines. 
  
  
• Cost savings: Your beta version can be created much faster, reducing the initial upfront investment and enabling development teams really focus on the heavy lifting and customisation. 
  
  
• Resource optimisation: You can only employ so many developers, but now you can easily tackle and theorise those smaller projects - or the infamous ‘backlog’ - which often deliver significant efficiencies and improve processes across the organisation.  

I am sure by now your mind boggles with great ideas and ways to deliver value to your organisation. Whatever you are thinking of tackling within your priority list, as explained above, Vibe Coding enables rapid prototyping and citizen development in minimal time, delivering effective ways to tackle problems.  

But - and it is a fairly big but - before you release anything for general use, you must validate your new super tool is safe to use.  

My recommendation is to always keep in mind; Vibe Coding is NOT a silver bullet you can trust implicitly to build something to a safe standard - in fact, the reverse could be closer to the truth. Like anything new in the tech world and more so in the AI sphere, new often means it comes with risks.  

What are the risks with Vibe Coding and how can we potentially mitigate them? 

Whilst using this method of building tools I have come across some immediate dangers to look out for. The list below highlights some of the potential risks you need to consider when Vibe Coding. It is not an exhaustive list but a good starting point, even for a non-developer but someone enthusiastic about having a crack at it.  

• Security vulnerabilities: Poor AI development practices can introduce insecure code - for example, granting more privileges than necessary for a task or failing to implement input validation on a web form. This can result in SQL injection or corruption of previously good data. Be sure to address this in your AI prompts and validate things work as expected.  
  
  
• Dependencies on vulnerable libraries: AI may choose to use a known vulnerable library, for no good reason other than 'it worked'. Check for CVE's when dependencies are being using within your project/app.
  
  
• Bugs and logic flaws: These can have a huge knock-on effect if your project updates data as part of its functions. If you are relying on your app as the source of truth, it could show incorrect information if logic is flawed. Both will result in a loss of confidence in your app, both internally in your organisation and externally for your clients. Test, test, test, trust with caution, rely on your own expertise and always verify your data matches the source!
  
  
• Adhering to coding standards, business policies and regulatory compliance: This one is where things can get trickier unless guardrails are in place. When you’re a developer working from your IDE for an organisation, this type of thing needs to be hashed out before you open your doors to Vibe Coding, but for citizen developers it is trickier to manage. Rule of thumb is Zero-Trust everywhere. Ask your internal subject matter experts to vet your work if you are not sure, do not push or release anything until you know it’s approved and safe.
  
  
• Data leakage: Do not put any company documents / IP into any AI prompt. Do not upload actual data- use a sample data. Do not give AI your secrets, keys, URLs or credentials. Do not upload to GitHub without triple checking your super-secret password isn't in your source files. Know your risk and how and what you are inputting from your data. There are tools and tutorials all over the web about how to mitigate breached and how they have occurred previously. Do your research and read up about it to avoid problems. Ignorance is not the way forward here.   

It's a lot to digest, and as I said above, this list in not even near exhaustive! In the coders’ world there are a plethora of other things to watch out for, like hallucinations, lack of contextual understanding, technical debt by means of unknown code needing to be unpicked and much more. 

Will Vibe Coding make developers obsolete?  

Definitely not. We need human ingenuity and critical thinking skills to build killer apps and grasp the complexities AI cannot. What it can certainly aid in, is lightening the load, like AI has been doing across many discipline - freeing developers and non-developers alike to think about the bigger picture and get on with things that need to be done. Overall, Vibe Coding can be helpful and deliver value if you stick to treating it like a junior and adhere to basic protocols.  

Here at OneAdvanced, we are pioneers in the AI space, being the first UK company to offer a private LLM with full UK data sovereignty - OneAdvanced AI. However, we are also well versed in numerous other AI tools and platforms used in-house and by our customers, giving us a deep understanding of the AI landscape and customer needs.  

AI enables us to focus on our expertise, to deliver value through time savings, removing mundane and repetitive tasks, so we can remain focused on the bigger problems and challenges organisations come to us for help with.  

It has been an eye-opening experience exploring these new and exciting ways of creating tools and I am certainly convinced that just like with all AI tools, given time, practice and setting rigid, yet agile protocols, we can enhance our world of work.  

If you’re interested in discovering how our AI and Data Services could support your organisation, get in touch with our team today!