The Reality of Vibe Coding: AI Agents and the Security Debt Crisis

Source: Towards Data Science

Moltbook: An AI‑Driven Social Network and Its Security Fallout

In the past month, a social network run entirely by AI agents captured the internet’s imagination.

Moltbook is essentially a platform where autonomous bots post, reply, and interact without any human intervention. For a few days it dominated conversations online—agents formed cults, ranted about humans, and even began building their own society.

The Leak

Security firm Wiz released a report exposing a massive data breach in the Moltbook ecosystem¹. A mis‑configured Supabase database made the following information publicly accessible:

• 1.5 million API keys
• 35 000 user email addresses

Root Cause: “Vibe Coding”

The breach wasn’t the result of a sophisticated hack. It stemmed from vibe coding—a development approach that prioritises speed and shortcuts over security. In this case, developers built the system rapidly, overlooking critical vulnerabilities introduced by the coding agents themselves.

Reality of vibe coding: Coding agents optimize for making code run, not for making code safe.

Takeaways

1. Speed ≠ Security – Rapid development can hide serious flaws.
2. Agent‑Generated Code Needs Review – Even autonomous agents can introduce unsafe patterns.
3. Proper Configuration Is Critical – Mis‑configured services (e.g., Supabase) can expose massive amounts of data.

Why Agents Fail

In my research at Columbia University, we evaluated the top coding agents and Vibe coding tools [2]. We uncovered key insights on where these agents fail, highlighting security as one of the most critical failure patterns.

1. Speed over safety – LLMs are optimized for acceptance. The simplest way to get a user to accept a code block is often to make the error message disappear. Unfortunately, the constraint causing the error is sometimes a safety guard. In practice, we observed agents removing validation checks, relaxing database policies, or disabling authentication flows simply to resolve runtime errors.

2. AI is unaware of side effects – AI often lacks full code‑base context, especially in large, complex architectures. We saw this constantly with refactoring: an agent fixes a bug in one file but introduces breaking changes or security leaks in files that reference it, simply because it didn’t see the connection.

3. Pattern matching, not judgement – LLMs don’t actually understand the semantics or implications of the code they write. They merely predict the next tokens based on their training data. They don’t know why a security check exists, or that removing it creates risk. To an AI, a security wall is just a bug preventing the code from running.

These failure patterns aren’t theoretical—they appear constantly in day‑to‑day development. Below are a few simple examples I encountered during my research.

3 Vibe‑Coding Security Bugs I’ve Seen Recently

1. Leaked API Keys

You need to call an external API (e.g., OpenAI) from a React frontend. The “fix” the agent suggests is to paste the API key at the top of the file:

// What the agent writes
const response = await fetch('https://api.openai.com/v1/...', {
  headers: {
    Authorization: 'Bearer sk-proj-12345...' // 
  }
});

The suggestion rarely includes a sanitizer (e.g., dompurify). Using dangerouslySetInnerHTML without sanitisation leaves the app open to Cross‑Site Scripting (XSS) attacks, allowing malicious scripts to run on users’ devices.

These aren’t isolated incidents; they reflect broader trends in AI‑generated code changes:

Sources: [3], [4], [5]

How to Vibe‑Code Correctly

We shouldn’t stop using these tools, but we need to change how we use them.

1. Better Prompts

• Be specific – “make this secure” is too vague for an LLM.
• Adopt spec‑driven development: define security policies and requirements before the agent writes any code. Typical policies include:
  • No public database access.
  • Write unit tests for every new feature.
  • Sanitize all user input.
  • Never hard‑code API keys.
• Ground the policies in a recognized framework such as the OWASP Top 10.
• Use Chain‑of‑Thought prompting: ask the model to reason about security implications first.
  • Example prompt: “What are the security risks of this approach, and how will you avoid them?”

Research shows that this reasoning step dramatically reduces insecure outputs.

2. Better Reviews

• Vibe‑coding tempts us to rely solely on the UI, but we’re not there yet.
• As Andrej Karpathy (who coined “vibe coding”) warns, agents can generate slop if left unchecked.
• Our primary job shifts from writing code to reviewing it—much like supervising an intern.
• Effective review checklist:
  1. View diffs carefully.
  2. Run and verify unit tests.
  3. Assess code quality, readability, and maintainability.

3. Automated Guardrails

• Speed is a core promise of vibe‑coding, but humans can’t catch every issue.
• Automate security checks before code reaches a human reviewer:

Recent work on LLM‑in‑the‑loop verification shows that pairing generative models with deterministic checkers yields far more reliable and safe outcomes.

Conclusion

• Accelerated Development – Coding agents let us build faster than ever before.
• Improved Accessibility – They empower people of all programming backgrounds to create anything they envision.
• Security & Safety First – This speed must not compromise security.
  • Use prompt‑engineering techniques.
  • Review code diffs thoroughly.
  • Provide clear guardrails.

By combining these practices, we can harness AI agents safely and build better applications.

References

• Wiz Blog – Exposed Moltbook Database Reveals Millions of API Keys
• Columbia DAP Lab – 9 Critical Failure Patterns of Coding Agents (Jan 8 2026)
• VibeFactory – API‑Key Security Scanner
• Apiiro Blog – 4× Velocity, 10× Vulnerabilities: AI Coding Assistants Are Shipping More Risks
• CSO Online – AI Coding Assistants Amplify Deeper Cybersecurity Risks

Footnotes

1. Wiz, Moltbook Ecosystem Leak Report, 2024. (Link to the original report, if available.) ↩