Question
An agent implemented a 250-line authorization middleware in TypeScript from a one-paragraph spec ('admins can edit any org, members can edit only their own org, viewers read-only'). The code looks reasonable and the demo works. You don't trust yourself to have read every branch. How do you verify the implementation actually matches the spec — including the cases the spec implies but doesn't state?
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.