Question
As the staff engineer setting up guardrails, you're reviewing the infra-automation scripts your team has started generating with agents. This deploy helper is typical of what's landing in PRs across the org:
#!/bin/bashSERVICE=$1VERSION=$2ssh deploy@$HOST "cd /srv/$SERVICE && git fetch && git checkout $VERSION && ./restart.sh"echo "Deployed $SERVICE@$VERSION"It works in the demo. What's dangerous here, and what guardrail do you institute so agent-generated shell/infra code can't ship this class of problem across the team?
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.