Question
Greenfield: you're directing an AI agent to build an API rate limiter as Express middleware in TypeScript, backed by Redis, enforcing per-API-key limits (e.g. 100 req/min) across a horizontally-scaled fleet. Lay out the build plan: the algorithm choice (fixed window vs. sliding window vs. token bucket), how you keep it atomic across instances, response headers, and acceptance criteria. What does a careless 'add rate limiting' prompt get wrong in a multi-instance deployment?
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.