Question
You're building a tamper-evident audit-log service from scratch in Rust with an AI agent: it records security-relevant events (who did what, when) for compliance, must be append-only, queryable, and resistant to after-the-fact editing. Describe the build plan: the storage and integrity model, the write path, querying, and acceptance criteria. What does a careless 'log all the admin actions to a table' prompt fundamentally miss about an AUDIT log specifically?
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.
Vibe coding: describe the solution in plain language (or narrate it) and the coach grades your approach. Generating runnable code from your description is coming next.