Paul's Security Weekly (Audio)
Vibe Coding For Success and Failure - PSW #902
Nov 27, 2025
Dive into the intriguing world of vibe coding, where Claude helps build a Python Flask app with some ups and downs. Learn about prompting strategies, logic errors from AI, and the importance of manual code intervention. Paul shares insights on using SQLite for exploit data and how caching tackles API rate limits. Discover the future of AI in development, emphasizing precise pre-prompts and collaboration across models. A fascinating mix of innovation and security awaits!
AI Snips
Separate Internal AI Docs From Git
- Keep AI-generated developer docs separate from user docs and git to avoid leaking internal prompts.
- Use .gitignore to exclude Claude's internal session files before pushing to public repos.
Create A Shared Claude RC Environment
- Use a Claude RC configuration to set guardrails, file locations, and session behaviors up front.
- Store AI instruction files and user docs in separate folders to avoid leaking internal prompts to Git.
Simplify Logic To Reduce Bugs
- Claude excels at mechanical tasks like indexing and generating code but struggles with complex decision logic.
- Simplifying UI choices (e.g., radio buttons) reduces logic bugs and yields more reliable code from the model.
