Question
You've been moving fast with an AI agent and just generated a backend feature spanning a new endpoint, a DB query, some config, and a couple of added dependencies. Rather than reviewing every line, describe the short security pass you run over AI-generated code before committing — what specific things you look for and why each one matters for AI output in particular.
Treat the AI’s output as a draft to verify, not an answer to trust. Name the specific flaw and the input that triggers it, say how you’d catch it — tests, edge cases, reading critically — and how you’d re-prompt or decompose to get it right.