Vibe Coding Tools Logo
General Discussion
discussion

The harsh truth about building apps with AI/Vibecoding

vikdevelops
@vikdevelops
Posted October 7, 2025Updated November 20, 2025

Hey everyone. I'm talking from experience here. I just finished building this amazing website (Vibe Coding Tools), along with several other projects. I want to share what I've learned about the real challenges of creating solid, secure, production-ready apps when you lean heavily on AI assistance.

I hate super-long posts. People don't finish them (totally understandable). So I'll get straight to the point. Here's what I know about LLM/vibe-coding that you should know too:

  • Planning changes everything. This saves you tons of time and resources. You know exactly where you're headed. Once you plan everything out, building becomes way easier. Sure, unexpected things pop up. You'll want to add features later. But strong initial planning keeps you on track.
  • One-shot prompts won't cut it. Don't expect to drop a single prompt and have AI build everything perfectly. About 90% of the time, it'll claim everything's done and production-ready. It's nowhere close. Here's what works: after AI finishes, tell it to review everything again. Demand complete honesty. This approach reveals gaps AI left behind.
  • Break features into tiny steps. When you're building anything, go super small. Split each feature into 5 sub-features (depending on size). Build them one by one. Don't move forward until you're 100% certain the previous step works perfectly. Skip this step and you'll drag along a mountain of bugs. They become nightmares to fix later.
  • Backend security needs your attention. This is AI's Achilles heel. About 99% of the time, it won't code with security in mind. You need to: Turn on RLS in your database, sanitize your text inputs, check all parameters carefully, review authentication flows yourself, apply rate limits to your API endpoints and a shit ton more of tasks tbf.. I have a Reddit post that explains this in detail.
  • Build your custom command library. You need personalized commands for different tasks: Debugging protocols, feature-building sequences, critical thinking prompts, code review checklists Thankfuly I do also have another Reddit post where I break this down further.
  • AI breaks working code. While adding new features or fixing bugs, AI will break things that already work fine. You can't trust it to preserve what's functional. Always review everything carefully before deploying. I've seen this happen repeatedly across multiple projects.
  • Testing takes most of your time. A vibe-coder should spend most of his time testing. Period. Run tests constantly. Break things on purpose. See what fails. This is where the real work happens.. because this is how real users will behave.

In my opinion AI and LLMs represent a huge leap in how we code. But we're still far from full automation. Humans still need to touch keyboards. Want to build a good app that works well, stays secure, handles workloads properly, and serves users? You'll need to step in and take control. Leave everything to AI and you'll wake up with your house on fire.

My point here isn't to promote my website or anything (honestly). I'm a programmer who knows what I'm doing. That's why I review AI output. That's why I get better results. You should too.

391
Loading comments...