[grey-area]

This problem is unrelated to CI and dev practices etc, this is about trusting the output of generative AI without reading it, then using it to handle patient data.

Vibe coding is just a bad idea, unless you’re willing and able to vet the output, which most people doing it are not.

[dgb23]

Fully agentic development is neat for scripts and utilities that you wouldn‘t have the time to do otherwise, where you can treat it as intput/output and check both.

In these cases you don’t necessarily care too much about the code itself, as long as it looks reasonable at a glance.

[lonelyasacloud]

> Vibe coding is just a bad idea, unless you’re willing and able to vet the output, which most people doing it are not.

It says quite a lot about where we are with ai tooling that none of the big players have “no need to review, certified for market X” offerings yet.

[edwinjm]

It is related to CI and dev practices etc. A experienced developer using AI would add security/data protection, even when vibe coding.

[grey-area]

An experienced developer would not have created this mess nor 'vibe-coded' (i.e. used AI without checking), but this person probably didn't know what they didn't know and believed the AI when it confidently asserted this mess was the correct way to do this.

None of that is related to the practice of Continuous Integration.