Code Room
Vibe codingMediumvc-g319
Subject Ai code reviewLevel Mid–Senior~18 minCommon in Security interviewsIndustries IT services, Software development

Question

As the staff engineer setting up guardrails, you're reviewing the infra-automation scripts your team has started generating with agents. This deploy helper is typical of what's landing in PRs across the org:

bash
#!/bin/bashSERVICE=$1VERSION=$2ssh deploy@$HOST "cd /srv/$SERVICE && git fetch && git checkout $VERSION && ./restart.sh"echo "Deployed $SERVICE@$VERSION"

It works in the demo. What's dangerous here, and what guardrail do you institute so agent-generated shell/infra code can't ship this class of problem across the team?

What a strong answer looks like

Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.

Describe your solution

Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.

Run or narrate your approach, then ask the coach.