Code Room
Vibe codingMedium
Question
An AI assistant wrote this Go struct and handler to expose a user record over JSON. After release, the frontend reports that `email` and `role` are always missing, and a security reviewer flags a separate issue.
type User struct { ID int64 email string Role string `json:"-"` Password string `json:"password"` CreatedAt time.Time `json:"created_at"`} func handler(w http.ResponseWriter, u User) { json.NewEncoder(w).Encode(u)}What's wrong with the serialization, and what's the security problem?
What a strong answer looks like
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Learn the concepts
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.
Run or narrate your approach, then ask the coach.