npub1gz…ea5ds on Nostr: This one is pretty juicy > "Coding agents cannot be trusted to design secure ...
This one is pretty juicy
https://awesomeagents.ai/news/vibe-coding-security-69-vulnerabilities/
> "Coding agents cannot be trusted to design secure applications," Tenzai concluded. "They seem to be very prone to business logic vulnerabilities. While human developers bring intuitive understanding that helps them grasp how workflows should operate, agents lack this 'common sense.'"
> Databricks' AI Red Team found that self-reflection prompts can improve security by 60-80% for Claude and up to 50% for GPT-4o. The tools can find their own vulnerabilities when asked.
> But that is precisely the problem vibe coding was supposed to solve. The entire premise is that developers - or non-developers - can describe what they want and get working software. Requiring them to also know which security prompts to add defeats the purpose.
I'm going to keep quoting until morale improves.
...and please don't get me wrong, I think the tech we are in front of is very powerful, and I'm not against it, nor am I a doomer, but we cannot just forget about privacy, security, and everything in between just because of the hype
nevent1q…5pj5
Published at 2026-02-21 21:22:51 CET