Vibe code responsibly
Vibe coding is not without risks and may lead to the following symptoms:
- Lost work
- Security vulnerabilities
holy shit pic.twitter.com/WcbbBnGFxg
— jason liu (@jxnlco) March 17, 2025
Quick reminder: I'm charging $1,000/hour to fix your vibe-coded mess. pic.twitter.com/iHQEEOMjXV
— Santiago (@svpino) March 17, 2025
Here are a few pointers for how to vibe code responsibly:
- Use git to do version control so that a code agent doesn't wipe your work.
- Use CDNs like Cloudflare, auth management services like Clerk, and payment processors like Stripe. These have built-in protection against DDoS attacks, etc.
- Don't publish API keys — use env variables. Make sure your local env file is in your .gitignore. Use a deployment service like Vercel or Replit that secures your env variables.
- Set spending caps on all third party services you use. If the service doesn't support such limits, don't use it.
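A check for the git and env-file pointers above, added here as an example and not part of the original post. The function name `check_env_hygiene` and the default file name `.env` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post.
# check_env_hygiene REPO [ENV_FILE]: report ways the env file can leak via git.
# Returns the number of problems found (0 = clean).
check_env_hygiene() {
    repo=${1:-.}
    env_file=${2:-.env}   # assumed file name; pass yours if it differs
    problems=0

    git -C "$repo" rev-parse --git-dir >/dev/null 2>&1 || {
        echo "FAIL: $repo is not a git repository (no version control)"
        return 1
    }

    # --no-index tests the ignore rules themselves; without it git reports
    # nothing for a file that is already tracked.
    if ! git -C "$repo" check-ignore -q --no-index -- "$env_file"; then
        echo "FAIL: $env_file is not matched by any .gitignore rule"
        problems=$((problems + 1))
    fi

    # An ignore rule does nothing for a file that was added before the rule.
    if git -C "$repo" ls-files --error-unmatch -- "$env_file" >/dev/null 2>&1; then
        echo "FAIL: $env_file is tracked; run: git rm --cached $env_file"
        problems=$((problems + 1))
    fi

    # Keys committed once stay in history after the file is untracked.
    if [ -n "$(git -C "$repo" log --all --format=%h -- "$env_file" 2>/dev/null)" ]; then
        echo "FAIL: $env_file appears in commit history; rotate the keys in it"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ] && echo "OK: $env_file is ignored, untracked, and absent from history"
    return "$problems"
}
```

Source the file and call `check_env_hygiene . .env` from the project root before pushing.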
That said, this presents an opportunity. Subtle is all about exploring the second-order effects of superabundant software. There will be a new opportunity to clean up the mess of vibe coders YOLO'ing apps to production.
No joke, this could actually be the next Wiz:
Someone is actually vibe coding this solution and marketing it to vibe coders:
security audit as a service for vibe coders pic.twitter.com/5Te9o4zAnw
— Klaas (@forgebitz) March 18, 2025
Haha what https://t.co/1cVcN9A5l8 pic.twitter.com/GgT5AYhSIq
— Saurabh Kumar (@drummatick) March 18, 2025