What is Vibe Coding?

Definition

Vibe coding is an informal term for a software development style where the developer communicates in natural language — describing the desired behavior rather than writing the implementation — and accepts AI-generated code without deep review or understanding. The developer "vibes" with the output: does it seem to work? Good enough. The name comes from prioritizing flow and momentum over precision.

The term was popularized by Andrej Karpathy in a 2025 tweet and has since become a widely discussed phenomenon as AI coding tools have made this style increasingly accessible.

How Vibe Coding Works in Practice

A vibe coding session typically looks like:

1. Developer describes a feature in a chat interface ("add a user authentication endpoint that accepts email and password")
2. AI generates the implementation — a complete function, file, or module
3. Developer runs it, checks if it works for the happy path
4. If it seems to work, it goes in. If not, the developer asks the AI to fix the error message.
5. The developer rarely reads the generated code in detail

Why Vibe Coding Has Grown

Vibe coding has exploded because AI coding tools have made it genuinely productive for many use cases. For prototyping, internal tools, and rapidly exploring ideas, the speed of vibe coding far exceeds traditional development. A solo developer can build a functional prototype in hours that would have taken days.

The tools have also improved dramatically: modern AI coding agents (Cursor, Claude Code, GitHub Copilot Workspace) maintain context across an entire project, not just a single file — making the generated code more coherent and less obviously broken.

The Risks of Vibe Coding

Security vulnerabilities

AI-generated code frequently introduces security vulnerabilities — SQL injection, missing authentication, insecure defaults. Developers who do not review the generated code do not catch these issues. Multiple security researchers have demonstrated that vibe-coded applications are disproportionately vulnerable.

Technical debt accumulation

Code that is accepted without review often lacks proper error handling, logging, and maintainability. AI models optimize for apparent correctness of the happy path, not operational robustness. Vibe-coded systems accumulate structural debt quickly.

The "works on my machine" problem

AI-generated code that appears to work locally may fail in production due to environment assumptions, race conditions, or edge cases the developer never tested because they were vibing, not testing systematically.

Loss of understanding

When a developer does not understand the code they ship, they cannot debug it when it breaks, cannot maintain it, and cannot communicate about it effectively with their team.

Vibe Coding in Context

Vibe coding is not inherently bad — context determines appropriateness. For a personal side project or a throwaway prototype, the speed-quality trade-off may be exactly right. For production systems handling user data, financial transactions, or security-sensitive operations, the risks are too high without review.

Connection to Autonomous Code Governance

Vibe coding and autonomous code governance are natural complements. Vibe coding maximizes development velocity; autonomous governance catches what velocity misses. Hydra continuously scans the codebase — including code that was vibed into existence without deep review — for security vulnerabilities, quality issues, and policy violations. It closes the governance gap that vibe coding creates, making fast iteration and code safety compatible rather than competing goals.