[{"data":1,"prerenderedAt":352},["ShallowReactive",2],{"blog-glossary/vibe-coding":3},{"id":4,"title":5,"body":6,"category":327,"date":328,"dateModified":328,"description":329,"draft":330,"extension":331,"faq":332,"featured":330,"headerVariant":336,"image":337,"keywords":337,"meta":338,"navigation":339,"ogDescription":340,"ogTitle":341,"path":342,"readTime":343,"schemaOrg":344,"schemaType":345,"seo":346,"sitemap":347,"stem":348,"tags":349,"twitterCard":350,"__hash__":351},"blog/blog/glossary/vibe-coding.md","What is Vibe Coding? AI-Assisted Development",{"type":7,"value":8,"toc":316},"minimark",[9,16,21,24,28,106,110,142,146,179,188,192,230,234,263,285,304],[10,11,12],"tldr",{},[13,14,15],"p",{},"Vibe coding means building software by describing what you want to AI tools like Claude, Cursor, or Copilot. You focus on the \"vibe\" of what you want, and AI generates the code. It democratizes development but requires security awareness. AI can generate insecure patterns, so scanning and reviewing code remains essential. CheckYourVibe helps catch security issues in vibe-coded projects.",[17,18,20],"h2",{"id":19},"the-simple-explanation","The Simple Explanation",[13,22,23],{},"Instead of writing every line of code yourself, you describe what you want in natural language. \"Build a login page with email and password.\" \"Add a database to store user preferences.\" AI generates working code. You iterate by describing changes until it matches your vision. You are coding by vibes, not syntax.",[17,25,27],{"id":26},"the-vibe-coding-stack","The Vibe Coding Stack",[29,30,31,47],"table",{},[32,33,34],"thead",{},[35,36,37,41,44],"tr",{},[38,39,40],"th",{},"Tool",[38,42,43],{},"Type",[38,45,46],{},"Use Case",[48,49,50,62,73,84,95],"tbody",{},[35,51,52,56,59],{},[53,54,55],"td",{},"Claude",[53,57,58],{},"AI assistant",[53,60,61],{},"Complex reasoning, full projects",[35,63,64,67,70],{},[53,65,66],{},"Cursor",[53,68,69],{},"AI IDE",[53,71,72],{},"Code editing with AI",[35,74,75,78,81],{},[53,76,77],{},"GitHub Copilot",[53,79,80],{},"Code completion",[53,82,83],{},"Inline suggestions",[35,85,86,89,92],{},[53,87,88],{},"v0",[53,90,91],{},"UI generator",[53,93,94],{},"React components",[35,96,97,100,103],{},[53,98,99],{},"Bolt",[53,101,102],{},"App builder",[53,104,105],{},"Full-stack apps",[17,107,109],{"id":108},"security-considerations","Security Considerations",[111,112,114],"prompt-box",{"title":113},"Common AI-generated security issues",[115,116,117,121,124,127,130,133,136,139],"ul",{},[118,119,120],"li",{},"SQL queries with string concatenation",[118,122,123],{},"Missing input validation",[118,125,126],{},"Hardcoded secrets in code",[118,128,129],{},"Missing authentication checks",[118,131,132],{},"Insecure default configurations",[118,134,135],{},"Outdated dependency versions",[118,137,138],{},"Missing rate limiting",[118,140,141],{},"Verbose error messages",[17,143,145],{"id":144},"why-security-matters-more","Why Security Matters More",[115,147,148,155,161,167,173],{},[118,149,150,154],{},[151,152,153],"strong",{},"Speed:"," Vibe coding is fast, so more code ships quickly",[118,156,157,160],{},[151,158,159],{},"Understanding:"," Developers may not fully understand generated code",[118,162,163,166],{},[151,164,165],{},"Training data:"," AI learned from code with vulnerabilities",[118,168,169,172],{},[151,170,171],{},"Context loss:"," AI may miss security context of your app",[118,174,175,178],{},[151,176,177],{},"Copy-paste:"," Stack Overflow vulnerabilities in training data",[180,181,182],"warning-box",{},[13,183,184,187],{},[151,185,186],{},"AI is a tool, not a security expert."," AI generates what you ask for, not necessarily what is secure. Always review generated code and use security scanning. Include security requirements in your prompts.",[17,189,191],{"id":190},"secure-vibe-coding-practices","Secure Vibe Coding Practices",[115,193,194,200,206,212,218,224],{},[118,195,196,199],{},[151,197,198],{},"Include security in prompts:"," \"Use parameterized queries\"",[118,201,202,205],{},[151,203,204],{},"Review generated code:"," Understand before deploying",[118,207,208,211],{},[151,209,210],{},"Use security scanning:"," Automated vulnerability detection",[118,213,214,217],{},[151,215,216],{},"Learn fundamentals:"," Know what to look for",[118,219,220,223],{},[151,221,222],{},"Test thoroughly:"," Try to break your own code",[118,225,226,229],{},[151,227,228],{},"Keep dependencies updated:"," AI may suggest old versions",[17,231,233],{"id":232},"example-secure-prompt","Example Secure Prompt",[111,235,237,240,243],{"title":236},"Before and after",[13,238,239],{},"Insecure prompt:\n\"Build a login form that checks the database\"",[13,241,242],{},"Secure prompt:\n\"Build a login form with:",[115,244,245,248,251,254,257,260],{},[118,246,247],{},"Parameterized SQL queries",[118,249,250],{},"Password hashing with bcrypt",[118,252,253],{},"Rate limiting (5 attempts per minute)",[118,255,256],{},"CSRF protection",[118,258,259],{},"Secure session handling",[118,261,262],{},"Input validation\"",[264,265,266,273,279],"faq-section",{},[267,268,270],"faq-item",{"question":269},"Is vibe-coded software less secure?",[13,271,272],{},"Not necessarily, but it requires vigilance. AI can generate insecure patterns if not prompted carefully. The real risk is developers not understanding or reviewing the generated code. Security scanning and code review remain essential regardless of how code is written.",[267,274,276],{"question":275},"What security issues are common in AI-generated code?",[13,277,278],{},"Common issues include SQL injection (concatenating user input), XSS (not escaping output), hardcoded credentials, missing authentication checks, insecure defaults, and outdated patterns from training data. AI may also generate code with vulnerable dependency versions.",[267,280,282],{"question":281},"How do I vibe code securely?",[13,283,284],{},"Include security requirements in your prompts. Review generated code for security issues. Use security scanning tools to catch vulnerabilities automatically. Understand what the code does before deploying. Treat AI as an assistant, not a replacement for security knowledge.",[286,287,288,294,299],"related-articles",{},[289,290],"related-card",{"description":291,"href":292,"title":293},"Common AI mistake","/blog/glossary/sql-injection","SQL Injection",[289,295],{"description":296,"href":297,"title":298},"Output encoding issues","/blog/glossary/xss","XSS",[289,300],{"description":301,"href":302,"title":303},"Often missing in AI code","/blog/glossary/validation","Validation",[305,306,309,313],"cta-box",{"href":307,"label":308},"/","Start Free Scan",[17,310,312],{"id":311},"check-your-vibe-coded-project","Check Your Vibe-Coded Project",[13,314,315],{},"Security scanning built for AI-generated code.",{"title":317,"searchDepth":318,"depth":318,"links":319},"",2,[320,321,322,323,324,325,326],{"id":19,"depth":318,"text":20},{"id":26,"depth":318,"text":27},{"id":108,"depth":318,"text":109},{"id":144,"depth":318,"text":145},{"id":190,"depth":318,"text":191},{"id":232,"depth":318,"text":233},{"id":311,"depth":318,"text":312},"glossary","2026-01-14","Learn what vibe coding is, how AI tools like Claude, Cursor, and Copilot enable it, and the security considerations for AI-assisted development.",false,"md",[333,334,335],{"question":269,"answer":272},{"question":275,"answer":278},{"question":281,"answer":284},"green",null,{},true,"Vibe coding uses AI to build software by describing what you want. Learn about its security implications.","What is Vibe Coding?","/blog/glossary/vibe-coding","5 min read","[object Object]","DefinedTerm",{"title":5,"description":329},{"loc":342},"blog/glossary/vibe-coding",[],"summary_large_image","NmX6aNcFKqvDqmSv5H3k4F5vYhminTbyXBzsmV4K2XM",1775843921800]