Code Room
Vibe codingMediumvc-g233
Subject Ai code reviewLevel Mid–Senior~16 minCommon in Security interviewsIndustries IT services, Software development

Question

In a large Bash-heavy deploy repo, an AI agent added a new CI step that fetches a release artifact and verifies it. It claims to "match the existing scripts' conventions":

bash
#!/bin/bashVERSION=$(curl -s https://api.example.com/latest | jq -r .version)curl -s https://cdn.example.com/app-$VERSION.tar.gz -o app.tar.gztar xzf app.tar.gz -C $DEPLOY_DIRecho "Deployed $VERSION"

How do you verify the agent's 'matches conventions' claim, and what are the concrete problems?

What a strong answer looks like

Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.

Describe your solution

Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.

Run or narrate your approach, then ask the coach.