Code Room
Vibe codingHardvc-g214
Subject Ai risk judgmentLevel Senior–Staff~20 minCommon in Algorithms & data structures interviewsIndustries Software development, IT services, Technology

Question

Your company serves EU customers and has a contractual commitment that personal data stays in the EU. An engineer wants to enable an AI coding agent that, to fix bugs, can read application logs and run queries against a staging database that contains pseudonymized-but-real EU user records. The agent's inference endpoint is hosted in us-east. How do you reason about whether this is allowed, and what guardrails would you require before turning it on?

What a strong answer looks like

Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.

Describe your solution

Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.

Run or narrate your approach, then ask the coach.