Discussion

Vibe Coding Failures

aimadetools: Thats already a big list

monksy: Thought experiment here: What about the bugs that humans have wrote. (I'm not excusing or justifying to say AI Coding is better). At one point we shamed companies for producing and being sloppy with their engineering practices. All of the sudden in the last 10 years, we accepted company's excuses of "of well we don't care and we're garbage." (A lot of Amazon tone death documentation/surprise bugs/google's head scratching disconnect to the user, etc behaviors).But I think this is a great thing to show that they're pushing to outsource coding to a bot and to shame them that their plan isn't working out so well as they're trying to force people to believe.I think it may help if we start personalizing these trends with the people who are amplifying it. I.e. Jassyslop, Siemiatbot (Klarna CEO was bold to brag he dropped 80% of a role for AI) etc.

bigstrat2003: Honestly, we should shame companies for poor engineering whether humans are directly doing the work or handing it off to an LLM.

rvz: This is the web3isgoinggreat equivalent for crypto, but for vibe coding with AI.

Thorrez: For CVE-2026-0755, that's a vulnerability in gemini-mcp-tool. gemini-mcp-tool's Github repo says "This is an unofficial, third-party tool and is not affiliated with, endorsed, or sponsored by Google." but this list shows the Google logo next to the vulnerability.Also, it's not entirely obvious to me that the vulnerability was introduced by vibe coding.https://github.com/jamubc/gemini-mcp-toolDisclosure: I work at Google, but not on anything related to this.

doug_durham: “Vibe coded”? I doubt that there is the documentary evidence that the code in these systems was never touched by a human. At best this is a list of code where AI tools were used in development. To be honest if you just created a list of all outages in all companies and systems you’d probably have a better list since AI tools are ubiquitous.

tonymet: AI might have been an opportunity to take engineer hubris down a knotch. Perhaps to reassess the excesses (bad performance, bad UX, poor reliability, costly development & operations, etc) . Instead of reflection, we decided to shame AI as vibe coding .How much abysmal code and products have we all shipped? Exploitative, clumsy , dangerous, vulnerable? What was our excuse?I find the entire anti-vibe coding movement to be terribly tacky and judgmental.We have an incredible tool that could 10-100x productivity. We should be using it to fix all of the terrible software we’ve made over the past 20 years. Instead there are 2-3 camps. People building stuff, people hyping AI and people shaming the first 2.Sad, really.

porcoda: In my experience over the last couple years, lists like this won’t move the needle at all. The AI zealots reject anything that calls into question the AI stuff, usually appealing to “just wait, better models/agents/guardrails imminent” and claiming that anecdotal productivity gains are worth the risk. The people concerned about AI already are concerned and just fall back to “I told you so”. Unfortunately the decision makers seem to still be following the zealots promising wondrous productivity, profit, and a future full of flying cars.

bluegatty: If by 'zealots' you mean the vast majority of developers, who are using AI tools in one way or another.The AI is already substantially better than most humans for a huge spectrum of at least narrow tasks. Those 'skills' will expand in scope, the evidence is overwhelming and unequivocal.Within 12 months it will be considered a 'security concern' to not have AI at least to some degree of autonomous review.The only concern really is how, when, and with what kind of oversight we use the new tools - that that 'they are used'.

nubinetwork: What about all the o365 outages and windows bugs caused by ai written code?

ares623: I love dunking on vibe coding as much as the next guy but is there actual evidence for most of the entries that such is the case? IMO that will make the point even stronger.

tayo42: Everything is blameless, you can't do that to humans lol

monksy: I agree with you. However, business individuals have decided that they're "a better judge" of our practices and they've used financial, legal, and coercion to get their way.

shermantanktop: So this is a list of incidents where random people on the internet speculated about rumors that AI was to blame. The companies typically deny it. Insiders who know the details are generally unable to comment due to how large companies manage PR.So basically Reddit.

bluegatty: 'vibe coding' is too loose a term. Everything will be generated by AI in the very near future, and it will range from 'fancy auto complete' to 'entirely autonomously generated' with many nuances and subtleties in between.

Dig1t: I kind of think that the "Human Coding" Wall of Shame would be quite a bit larger and contain examples that are every bit as egregious.

g947o: The first link claims the 6-hour outage wiped 99% of order volume. I went to the "source" and found an (AI generated?) ad by a company that wants to sell a product, where I cannot find the 99% number.This whole website and everything around it are almost ironic.

cjrd: now do one for human-coded incidents.

bluefirebrand: > How much abysmal code and products have we all shipped?> We should be using it to fix all of the terrible software we’ve made over the past 20 years. Instead there are 2-3 camps. People building stuff, people hyping AI and people shaming the first 2.This seems like an odd take. The pro who are using and hyping AI are not fixing all of the crap we put out the last 20 years. They are putting the gas pedal on the amount of crap being shippedI don't think anyone except the most die hard AI lovers truly believe is producing high quality work on the balance. It is absolutely producing more but worse output than we've ever seen beforeEven if it is capable of producing high quality work, you have to realize that most people using it are not capable of getting it to produce work of that quality. Nor do they seem to really care to

dgb23: I don’t think that’s the point of showcasing these issues.The specific point is that you cannot prompt your way to reliable software (AKA vibe coding). Just as you cannot reach the same goal by glueing together stackoverflow snippets without understanding them.

gobdovan: Coding with AI is kind of like obesity in modernity: having tons of resources is the goal, but once you get there, you end up in a system you're not really adapted to.Personally, I don't care that much about org incentives (even though they obviously matter for what OP posted) but more about what it does to my thinking. For me, actually writing code is what slows my brain down, helps me understand the problem, and helps me generate new ideas. As soon as I hand off implementation to an LLM (even if I first write a spec or model it in TLA+) my understanding drops off pretty quickly.

crazygringo: Is this meaningful at all, without a control?How often does software fail in production with human-written code? How many times has a production failure been avoided because an LLM didn't make a typo or mistake that a human would have?This is pushing an agenda. It's not measuring anything meaningful.

joe_mamba: >Also, it's not entirely obvious to me that the vulnerability was introduced by vibe coding.IDK why people act as if vibe coding invented software bugs that lead to vulnerabilities, as if those weren't already a thing by human programmers.

bdcravens: The same reason some use crime committed by illegal immigrants to push action, while ignoring the fact that citizens are more likely percentage-wise to commit those same crimes. It's confirmation bias at the least, and intellectual dishonesty at the worst, but either way, they want their worldview to be validated.

Gud: I know this is extremely off topic, but illegal immigrants are far more likely to commit crimes than citizens, not that this has anything to do with software bugs...

extrabajs: A control? This is just a list of incidents, not an experiment.

crazygringo: The "Why this matters" section at the bottom is clearly drawing conclusions as if it were an experiment.

Dig1t: I understand that, but the interesting bit is to compare how it performs relative to the average human coder. We can point out specific flaws for eternity, but if it makes 1% fewer mistakes or allows humans to code faster without increasing the number average number of mistakes, then I'd say that that's still providing value. I feel like just enumerating different mistakes that it's made is sort of biased against it because it leaves out a comparison to the alternative.Sort of like showing off self-driving car crashes. You can spend all day listing the crashes and showing people how it has problems, but if it's statistically safer than the average driver it would save thousands of lives per year to deploy it anyway even if it's not perfect.

simonw: Why is the LiteLLM incident on there? The linked article for that one is a 404.I didn't read any credible arguments suggesting that was caused by vibe coding. They had their PyPI publishing credentials stolen thanks to an attack against a CI tool they were using.Plus the linked article for the Amazon outage is https://d3security.com/blog/amazon-lost-6-million-orders-vib... which appears to be some other vendor promoting their product without providing any details on what happened at Amazon.

mrkeen: > Why is the LiteLLM incident on there? The linked article for that one is a 404.-> [Endor Labs] https://www.endorlabs.com/learn/teampcp-isnt-done-> On March 24, 2026, Endor Labs identified that litellm versions 1.82.7 and 1.82.8 on PyPI contain malicious code not present in the upstream GitHub repository. litellm is a widely used open source library with over 95 million month downloads. It lets developers route requests across LLM providers through a single API.

jabwd: If you mean by everything "stuff that has been done before and no one cares about" then, yeah, probably.New code will still need to be written though.

bluegatty: No, I mean everything.It's not reasonable to suggest that AI is only going to repeat older patterns that have been trodden before, or 'things that don't matter'.AI will be writing most new code, by far.Without even getting into complicated arguments about 'creativity' - the AI is an encyclopedia of best practices, and can think a couple of steps ahead for most things you'll ever want to do.Like pro chess players thinking they're going to beat the algo with some kind of fancy human creativity.Developers roles are changing, very fundamentally, you're now 1/2 a layer of abstraction above the code, and you're not going to writing it better than AI (in most cases) any more than a human will be better at sawing wood than the power tools. And yet, carpenters still exist.

jabwd: Goodluck

bluegatty: People riding horses in the age of automobiles are the one's who need 'luck'.

apgwoz: The key to this argument is that we won’t need to rely on Anthropic/OpenAI soon — will they exist in the same way they do today in 12-18 months? The “open” models are getting better and better, and people are figuring out ways to make inference run on lesser hardware. It already might be viable for people that don’t expect “instantaneous” and are doing more hybrid development.But you’re also never going to convince the people who still only run vi on the Linux console, without Xorg…

wulfstan: I am currently wrestling a vibe-coded codebase into a shippable state and we should call these tools out for what they actually are - technical debt generators.

voxl: Can you list a view tasks that AI is better at then other tools? Not humans mind you, because that is unimpressive, I mean other deterministic tools.For example, I'd rather use a calculator to do calculations than ask an LLM to do it. I'd rather use LanguageTool for grammar than asking an LLM to do it. Id RTFM then have an LLM summarize it.

dzonga: why is this flagged ?

vunderba: This site, especially if you look at all the previous posts from this domain, is almost assuredly AI generated.One of the "fun" hallmarks of many of these LLM assisted websites is that they seem to completely disregard basic accessibility (especially Web Content Accessibility Guidelines [1]). That small dark gray subtext on a black background is just horrific.[1] - https://webaim.org/resources/contrastchecker

lucasfin000: This is definitely the right question. A list of failures without any baseline won't tell you anything. You would need the same exercise for human-written code at a comparable scale before drawing any conclusions at all. Without it, it's just confirmation bias.

tonymet: I don’t disagree. But what is the detractors’ goal? What will the shaming accomplish? The tools are here and can be used for good or ill.Think about the 90s PC revolution, opening up developer opportunities. There were commercial devs and open source devs. The open source devs decided to put the new resources and tools to use to evangelize computing . And in many ways won.We have new tools now, and can put them to good use. Moaning from the sidelines is a losing strategy.

bluefirebrand: > Think about the 90s PC revolution, opening up developer opportunitiesI don't think the general arc of computing since the 90s has been good for humanityAs a detractor, that's my goal. I want to undermine this garbage technology that is actively making life worse for the majority of people while enriching a vanishingly small segment of humans at our expense

tonymet: I imagine we agree on a number of aspects .

blinkbat: Lol @ this being flagged

keeda: A lot of bad software today is attributed to "vibecoding" even though these trends have been existing since before LLMs. Like, people have been complaining about Windows for decades before AI came on the scene, except these days the same issues are attributed to vibecoding.I feel people are just lumping two things they don't like together because they are plausibly related, but without any real proven causality between them. Is this site any different?