Code Room
Vibe codingHardvc-g021
Subject Ai code reviewLevel Senior–Staff~19 minCommon in Security interviewsIndustries Software development, Technology

Question

An AI agent wrote this Python helper to hash user passwords for storage, importing a hashing utility it described as 'industry standard.' `pip install` of the package it referenced succeeds. Review it.

python
from securehash import scrypt_secure def hash_password(password: str) -> str:    # securehash: well-known, audited password hashing    return scrypt_secure(password, rounds=1000) def verify_password(password: str, stored: str) -> bool:    return scrypt_secure(password, rounds=1000) == stored
What a strong answer looks like

Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.

Describe your solution

Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.

Run or narrate your approach, then ask the coach.