Security Weekly Podcast Network (Audio)

Vibe Coding For Success and Failure - PSW #902

Nov 27, 2025
Dive into the fascinating world of vibe coding as Paul shares his hands-on experiment with a Python Flask app. He reveals how AI, particularly Claude, generated extensive documentation and code, while discussing methodologies for creating and securing software. The team debates the balance between vibe coding and hand-coding, explores the integration of various exploit databases, and emphasizes the importance of human oversight in AI development. Get ready for insights on using AI to enhance productivity in software creation!
ADVICE

Use Phases And Checkpoints

  • Prompt Claude to produce a phased plan with explicit checkpoints before coding big features.
  • Use the checkpoint responses to control which substeps run and reduce unwanted behavior.

ANECDOTE

Weaver: A Claude‑Built CVE Indexer

  • Paul built a Python Flask app called Weaver entirely with Claude code, indexing 300k+ CVEs into SQLite databases.
  • He used local GitHub repos and NVD API data and reported indexing performance of ~9,000 CVEs/sec during builds.

ADVICE

Specify Tech Stack Up Front

  • Drive the technology choices in prompts (e.g., specify Flask, SQLite, Docker) rather than letting the model decide everything.
  • Ask the model which technologies it will use, then approve a phased plan before implementation.