Paul's Security Weekly (Audio)
Vibe Coding For Success and Failure - PSW #902
Nov 27, 2025
Dive into the intriguing world of vibe coding, where Claude helps build a Python Flask app with some ups and downs. Learn about prompting strategies, logic errors from AI, and the importance of manual code intervention. Paul shares insights on using SQLite for exploit data and how caching tackles API rate limits. Discover the future of AI in development, emphasizing precise pre-prompts and collaboration across models. A fascinating mix of innovation and security awaits!
AI Snips
Building Weaver End-to-End With Claude
- Paul used Claude to build a Python Flask app called Weaver that indexes 300k+ CVEs across multiple DBs.
- The project produced thousands of doc lines and a Dockerized app that builds SQLite DBs and searches exploit sources.
Use Phases And Checkpoints
- Ask Claude to create a phased plan with explicit checkpoints before implementing large features.
- Use the keyword "checkpoint" to control which substeps to run and avoid unwanted extrapolation.
Tell Claude Your Tech Constraints
- Drive the technology choices in prompts and ask Claude to justify architecture before coding.
- Tell it which frameworks, DBs, and design constraints to use to avoid uncontrolled decisions.
