
“Take SSRF [Server-Side Request Forgery]: there’s no common rule for distinguishing legit URL fetches from malicious ones. The line between safe and harmful depends closely on context, making generic solutions impossible,” said Tenzai.
The obvious solution is that, having invented vibe coding agents, the industry should now focus on vibe coding checking agents, which, of course, is where Tenzai, a small startup not long out of stealth mode, thinks it has found a spot in the market for its own expertise. It said, “based on our testing and recent research, no complete solution to this issue at present exists. This makes it essential for developers to understand the common pitfalls of coding agents and prepare accordingly.”
Debugging AI
The deeper question raised by vibe coding isn’t how well tools work, then, but how they’re used. Telling developers to keep eyes on vibe code output isn’t the same as knowing this will happen, any more than it was in the days when humans made all the mistakes.

