Question
You're going to delegate a multi-file feature to a coding agent: add idempotency-key support to your Go payments API so retried POSTs don't double-charge. It touches the HTTP handler, a new Postgres table, the service layer, and tests. Rather than one giant prompt, describe how you'd set up the task and the guardrails so the agent can run with minimal supervision but can't quietly ship something dangerous. What do you put in front of it, what do you constrain, and where do you gate it before it touches money?
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.