According to ZDNet, vibe coding enables programming in plain English, and the term was coined by OpenAI co-founder Andrej Karpathy in February 2025. Early 2025 data shows that 25% of Y Combinator startups had over 95% AI-generated code using this approach. Industry experts including David Linthicum and Endor Labs CEO Varun Badhwar warn that vibe coding creates wildly inconsistent code quality and security vulnerabilities like exposed secrets and hardcoded credentials. The approach skips code review and best practices, leading to rapid technical debt accumulation. Microsoft’s Naga Santhosh Reddy Vootukuri identifies primary dangers including fragmented architectures and code nobody can maintain. Despite the speed benefits, the cost of cleaning up after vibe coding can be huge for organizations.
The hidden costs of moving fast
Here’s the thing about vibe coding – it sounds amazing until you actually have to maintain the code. I’ve seen this pattern before with every “revolutionary” development approach that promises to make coding accessible to everyone. The problem isn’t the AI itself, but how teams are using it. When you’re basically just describing what you want in English and trusting the AI to handle everything from syntax to structure, you’re skipping decades of learned best practices.
And the security implications are genuinely concerning. We’re talking about AI suggestions that “look functional but hide subtle bugs or even create new attack vectors” according to Vootukuri. Think about that for a second – your AI coding assistant might be introducing vulnerabilities that even experienced developers would struggle to spot. For smaller businesses, a single breach could be catastrophic.
The technical debt time bomb
Technical debt isn’t just some abstract concept here – it’s piling up faster than ever. Linthicum puts it perfectly: “What may start as ‘move fast and break things’ too often becomes move fast and break everything, then spend a fortune rebuilding it.” I’ve watched companies struggle with legacy code for years, and vibe coding seems designed to create the worst kind of legacy systems – ones that nobody understands because the original “developer” was an AI that no longer exists in that state.
The duplication and incompatibility issues are particularly worrying. Features implemented one week might completely break code written the next week. It’s like building a house where every contractor speaks a different language and nobody has the blueprints. For industrial applications where reliability is non-negotiable, this approach could be disastrous.
Where’s the discipline?
Louis Landry from Teradata makes a crucial point that everyone seems to be missing: “Code generation tools aren’t new.” We’ve had templates and generators for decades. The difference now is the scope and the polish. When AI output looks clean and professional, teams are skipping the review process entirely. But polished doesn’t mean correct, and it certainly doesn’t mean secure.
Brandon Evans from SANS Institute highlights something I’ve observed too – we weren’t great at code reviews before AI, and now vibe coding is accelerating the problem. It’s like giving a teenager who just got their license a supercar. The technology is incredible, but the experience and discipline needed to use it safely haven’t caught up yet.
Can vibe coding actually work?
So is vibe coding completely hopeless? Not necessarily, but it requires serious discipline. Vootukuri suggests treating AI outputs as “rough drafts, never production-ready code.” That means maintaining rigorous reviews, running static analysis, and following strict coding standards. Basically, you need to apply all the traditional software engineering practices that vibe coding seems designed to bypass.
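As an added example (not from the article or anyone it quotes), here is one form the static-analysis step could take for the hardcoded-credential problem the experts warn about: a syntax-tree check that flags secret-like names bound to string literals in Python source. The name and placeholder patterns and the sample input are assumptions made for illustration.

```python
import ast
import re

# Assumed heuristic for credential-like names; tune per code base.
SECRET_NAME = re.compile(r"(passw(or)?d|secret|token|api_?key|private_?key)", re.I)
# Literal values treated as placeholders rather than live credentials (assumed list).
PLACEHOLDER = re.compile(r"^(|changeme|example|placeholder|x+|<.*>|\$\{.*\})$", re.I)

# Constructed sample of generated code; the credential values are made up.
SAMPLE = '''\
import os
DB_PASSWORD = "hunter2-prod"
api_key = os.environ["API_KEY"]
client = connect(host="db", password="s3cr3t!")
cfg = {"auth_token": "abc123", "timeout": "30"}
SECRET_KEY = "changeme"
'''

def _is_literal_secret(node):
    """True when node is a string constant that is not an obvious placeholder."""
    return (isinstance(node, ast.Constant) and isinstance(node.value, str)
            and not PLACEHOLDER.match(node.value.strip()))

def find_hardcoded_credentials(source):
    """Return sorted (line, name) pairs where a secret-like name gets a string literal."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, (ast.Assign, ast.AnnAssign)):
            targets = node.targets if isinstance(node, ast.Assign) else [node.target]
            for t in targets:
                # Plain variables carry .id, attributes (self.token) carry .attr.
                name = getattr(t, "id", None) or getattr(t, "attr", "")
                if SECRET_NAME.search(name) and _is_literal_secret(node.value):
                    findings.add((node.lineno, name))
        elif isinstance(node, ast.Call):
            for kw in node.keywords:  # e.g. connect(password="...")
                if kw.arg and SECRET_NAME.search(kw.arg) and _is_literal_secret(kw.value):
                    findings.add((kw.value.lineno, kw.arg))
        elif isinstance(node, ast.Dict):
            for k, v in zip(node.keys, node.values):  # e.g. {"api_key": "..."}
                if (isinstance(k, ast.Constant) and isinstance(k.value, str)
                        and SECRET_NAME.search(k.value) and _is_literal_secret(v)):
                    findings.add((v.lineno, k.value))
    return sorted(findings)

if __name__ == "__main__":
    for line, name in find_hardcoded_credentials(SAMPLE):
        print(f"line {line}: string literal assigned to '{name}'")
```

A check like this only catches the naming patterns it knows about, so it supplements human review of the generated draft and does not replace it.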
The real question is whether teams will actually do this when the whole appeal of vibe coding is speed. My guess? Most won’t. They’ll enjoy the initial velocity boost until they hit the wall of technical debt and security issues. Then they’ll spend months or years cleaning up the mess. Sound familiar? It should – we’ve seen this movie before with every “silver bullet” in software development history.
