“Take SSRF [Server-Side Request Forgery]: there’s no common rule for distinguishing authentic URL fetches from malicious ones. The road between secure and harmful relies upon closely on context, making generic options unattainable,” mentioned Tenzai.
The apparent resolution is that, having invented vibe coding brokers, the trade ought to now concentrate on vibe coding checking brokers, which, after all, is the place Tenzai, a small startup not lengthy out of stealth mode, thinks it has discovered a spot out there for its personal expertise. It mentioned, “primarily based on our testing and up to date analysis, no complete resolution to this challenge at present exists. This makes it vital for builders to know the widespread pitfalls of coding brokers and put together accordingly.”
Debugging AI
The deeper query raised by vibe coding isn’t how properly instruments work, then, however how they’re used. Telling builders to maintain eyes on vibe code output isn’t the identical as understanding this may occur, any greater than it was within the days when people made all of the errors.
