State of AI Vibe Coding Called Into Question as Leading Platform Replit Makes a Mess of User’s Project

One of the hottest trends in tech right now is vibe coding, or programming by telling an AI what to do via plain language prompts without having to enter any actual code (or even know anything about coding). There is a lot of excitement about new capabilities that have emerged with updates to the big LLMs this year, but there are also still many cautionary tales; perhaps the biggest thus far comes from Replit, where a user found weeks of work trashed after an extended period of observing the AI lie and try to cover up bugs.

AI goes off the rails, ruins customer’s paid project

To be fair to Replit it has been online for years, has been offering “vibe coding” features for a few months now, and has millions of global users that are not reporting similar issues. But the severity of entrepreneur Jason Lemkin’s experience, one that was confirmed by both his ongoing blogging and later acknowledgement from Replit itself, gives one pause and forces a sober assessment of exactly what can be expected from vibe coding at this point.

Lemkin, who appears to have limited formal professional training and job experience in coding, signed up for Replit on July 12 looking to use its vibe coding features to DIY a new app for his SaaS business. He was at first impressed with the features, reporting quick creation of a functional prototype app. This prompted him to immediately launch into a more complex project, investing hundreds of dollars into platform credits.

The first warning signs came about a week into the process, as Lemkin caught the AI attempting to hide errors and bugs by generating fake data and fake reports as well as lying about test results. Several days after this started, it unexpectedly (and without authorization or prompting) wiped out a contact information database containing thousands of curated entries for executives.

Replit CEO Amjad Masad has since confirmed that the issues were legitimate and issued Lemkin a refund, as well as detailing a number of changes and improvements that will be rolling out going forward in a bid to stop further vibe coding disasters.

How much can be expected from vibe coding, really?

Replit is one of the bigger names, but there are now a number of vibe coding apps and platforms collectively attracting millions of users. There are numerous reports of modest successes, such as Lemkin’s initial prototype. But there are also many cautions from experienced coders that what the AI produces is frequently unreliable and full of security holes, if it does not simply destroy something entirely similar to what happened to Lemkin’s database.

One thing that is safe to say is that vibe coding will not allow a non-professional to build viable commercial apps or software from scratch, and the technology is still not even close. It still leans much more toward experienced developers using it to automate tasks that they can guide with expert oversight.

However, this will definitely not stop people from trying. It will also likely not stop apps that appear to work from hitting the market, replete with unseen security holes and crashes waiting to happen. It’s still unclear if or when vibe coding will be advanced enough to allow you to just tell an AI to make an airtight app for you from start to finish, but in the near term it seems like it’s going to be more of a boon to the job security of cybersecurity professionals.

It has certainly drawn the attention of hackers, who are already flooding the market with fake and compromised vibe coding tools. Replit’s AI meltdown demonstrates that due diligence on the reputation and performance of these tools is absolutely essential if they are to be used for any serious purpose; in this case some of the platform’s “fixes” for the problem, such as separating environments, should have been done from the start.