A year ago, you typed code. Today, you talk about it.
Somewhere between Andrej Karpathy’s now-famous February 2025 tweet about “vibe coding” and the explosion of tools like Claude Code, Cursor, and Windsurf, the way developers build software changed. We stopped writing every line by hand and started having conversations with AI instead.
But here’s where it gets messy. People started calling everything “vibe coding,” from a Saturday-night side project to the way Anthropic engineers ship production code. Karpathy himself came back in February 2026 to clean it up. He proposed a better name for the serious version: agentic engineering.
So which one are you actually doing? And which one should you be doing?
This guide breaks down both, shows you what they look like in real code, walks through the security traps nobody warns you about, and helps you figure out where each approach actually fits. No buzzwords. No hype. Just the stuff you need to know before your next pull request.
What Is Vibe Coding?
Vibe coding is exactly what it sounds like. You describe what you want in plain English, the AI builds it, and you ship it without reading every line.
You’re going with the flow. The AI is the engineer. You’re the product manager who says “make the button blue” and trusts the result.
It looks something like this:
You: “Build me a to-do app where users can add tasks, mark them done, and filter by status.”AI: Generates 200 lines of React code.You: “Cool, ship it.”
That’s vibe coding. No code review. No questions about architecture. No checking what dependencies got pulled in. Just vibes.
And honestly? It works great for a lot of things. Weekend hacks. Throwaway prototypes. That landing page you need by Friday. A tool only you will ever use.
The problem starts when “ship it” means “deploy to a server with real users and real data.”
What Is Agentic Engineering?
Agentic engineering keeps the same AI tools but adds something vibe coding throws away: your judgment.
You’re still not typing every keystroke. You’re directing AI agents that read your codebase, run tests, fix failures, and open pull requests. But you scope the work, you review the output, and you own the result.
Karpathy split the term into two halves on purpose. Agentic means agent-driven, you’re orchestrating the work, not doing it. Engineering means there’s still craft, judgment, and expertise involved. The agent is your collaborator, not your replacement.
A typical agentic engineering session looks more like:
Write a clear specification (often in a file like AGENTS.md or CLAUDE.md)Ask the agent to plan before it codesLet the agent implement and run the test suiteReview the diff like you would any teammate’s pull requestIterate when something’s off
Less “make me an app.” More “here’s the architecture, here are the constraints, here are the tests, now go.”
The Real Difference, In One Sentence
Vibe coding optimizes for the speed of getting something working. Agentic engineering optimizes for confidence that what got built will keep working.
That’s it. That’s the whole framework.
Speed matters when you’re testing an idea. Confidence matters when other people depend on the thing you built.
Real-Life Code Examples
Let’s get concrete. Here’s the same task handled both ways, so you can see where the gap actually shows up.
The task: Build an API endpoint that lets users update their email address.
Vibe Coding Approach
You’d type something like: “Add an endpoint to update a user’s email.”
The AI gives you this:
app.post(‘/update-email’, async (req, res) => {
const { userId, newEmail } = req.body;
await db.users.update({
where: { id: userId },
data: { email: newEmail }
});
res.json({ success: true });
});
It runs. Postman returns a 200. You move on.
But look at what’s missing. Anyone who knows a userId can change anyone’s email. There’s no authentication check. No validation that the email is actually an email. No rate limiting. No verification email. The user could enter “haha not an email” and it would save.
This is the vibe coding trap. The code works in the narrow sense that it doesn’t crash. It’s also a security incident waiting to happen.
Agentic Engineering Approach
You write a spec first. Something like:
# Task: Email Update Endpoint
## Requirements
– Authenticated users can update their own email only
– New email must be validated (RFC 5322)
– Send a verification email to the new address before committing
– Old email should remain active until verification
– Rate limit: 3 attempts per hour per user
– Audit log entry for the change
## Tests Required
– Unauthorized requests rejected with 401
– Cross-user updates rejected with 403
– Invalid email format rejected with 400
– Rate limit returns 429 after 3 attempts
You hand this to the agent. It plans, implements, runs the tests, and produces something more like:
import rateLimit from ‘express-rate-limit’;
import { z } from ‘zod’;
import { requireAuth } from ‘./middleware/auth.js’;
import { sendVerificationEmail } from ‘./services/email.js’;
import { auditLog } from ‘./services/audit.js’;
const emailSchema = z.object({
newEmail: z.string().email()
});
const limiter = rateLimit({
windowMs: 60 * 60 * 1000,
max: 3,
message: ‘Too many email change attempts’
});
app.post(‘/update-email’, requireAuth, limiter, async (req, res) => {
const result = emailSchema.safeParse(req.body);
if (!result.success) {
return res.status(400).json({ error: ‘Invalid email format’ });
}
const { newEmail } = result.data;
const userId = req.user.id; // from auth middleware, not request body
const token = await createVerificationToken(userId, newEmail);
await sendVerificationEmail(newEmail, token);
await auditLog.record({ userId, action: ’email_change_requested’, newEmail });
res.json({
message: ‘Verification email sent. Please confirm to complete the change.’
});
});
Same feature. Roughly the same effort on your end. Massively different outcome.
The agent did the typing. You did the thinking about what “update an email” actually means in a system real humans use.
When Vibe Coding Is Actually the Right Call
Vibe coding gets dunked on a lot, but it has a real place. Use it when:
You’re prototyping an idea. Speed matters more than polish. You’ll throw the code away anyway.It’s a personal tool. A script that organizes your photos doesn’t need an audit log.The blast radius is tiny. No real users, no real data, no integrations with anything that matters.You’re learning. Sometimes you just need to see code working to understand how something fits together.It’s a one-off. A migration script, a data cleanup, a quick analysis.
Vibe coding is a hammer. Useful, but not for every problem.
When Agentic Engineering Is the Right Call
Pretty much everything else. Specifically:
Production systems. Anything users depend on.Anything touching money, identity, or health data. Mistakes here aren’t bugs, they’re incidents.Multi-developer codebases. Consistency matters when other humans have to read what got built.Long-lived projects. Code you’ll maintain for years deserves the upfront thought.Anything regulated. Healthcare, finance, government, education. Auditors don’t care that “the AI did it.”
The deeper truth: most professional code falls into the agentic engineering bucket. Vibe coding is the exception, not the default.
Security: The Part Everyone Glosses Over
This is where vibe coding goes from risky to genuinely dangerous, and it’s the section most blog posts hand-wave through. Let’s not.
The Numbers
Recent research isn’t kind to AI-generated code. Studies have found that around 45% of AI-generated code contains classic vulnerabilities from the OWASP Top 10, and that figure has barely budged in two years. Roughly 20% of vibe-coded apps ship with serious vulnerabilities or misconfigurations baked in.
Researchers at Georgia Tech’s School of Cybersecurity built a scanner that hunts for AI-introduced vulnerabilities in public security advisories. They’ve already confirmed dozens of cases, with critical and high-risk severity ratings.
This isn’t a future problem. It’s already happening.
What Actually Goes Wrong
Here are the security failures that show up over and over in vibe-coded apps:
Hardcoded secrets. API keys, database passwords, and tokens end up directly in the source code. The AI doesn’t know what’s a secret, so it just leaves placeholders that developers forget to remove.
Authentication that gets quietly weakened. During iterative prompting (“make it work without the login for now”), auth checks get removed and never put back. Endpoints stay exposed.
SQL injection and similar attacks. AI-generated code often concatenates user input directly into queries instead of using parameterized statements. It compiles. It runs. It’s also wide open.
Slopsquatting. This one’s wild. AI sometimes hallucinates package names that don’t exist. Attackers register those exact names with malicious code inside, knowing the AI will keep suggesting them. Your app installs malware on npm install.
Authorization holes. The AI builds the happy path. It rarely checks “should this user be allowed to do this?” The endpoint above (where you can change anyone’s email by passing their userId) is a textbook example.
Dependency bloat. AI pulls in whatever library makes the code work fastest. You end up with hundreds of transitive dependencies you’ve never reviewed, each one a potential entry point.
What Actually Helps
Security in AI-assisted development isn’t about banning the tools. It’s about building habits that catch what AI misses:
Run AI-generated code through static analysis. Tools like Semgrep, Snyk, or your existing SAST scanner. Treat AI output the same way you’d treat code from a junior contractor: assume nothing, verify everything.
Use prompt-level guardrails. Add security requirements to your spec files. Things like “all endpoints require authentication,” “all user input must be validated with a schema,” “never log secrets.” Modern coding agents respect these when they’re in CLAUDE.md or AGENTS.md.
Pin dependencies and review what gets installed. Don’t let the agent freely add packages. Require approval for new dependencies, even if it slows you down.
Test the running app, not just the code. Dynamic Application Security Testing (DAST) tools probe your actual deployed app for vulnerabilities. They catch the stuff that looks fine in code but is exploitable at runtime.
Keep humans in the review loop. Especially for anything touching authentication, payments, or personal data. The agent can implement; a human still needs to approve.
The bottom line: AI doesn’t know your threat model. You do. Don’t outsource that part.
How to Make the Switch (If You Need To)
If you’ve been vibe coding and want to level up to agentic engineering, you don’t have to overhaul everything tomorrow. A reasonable path:
Start writing specs. Even a paragraph helps. Tell the agent what you want, the constraints, and how you’ll know it worked.Add an AGENTS.md or CLAUDE.md to your repo. Describe your stack, your conventions, your security requirements. Every agent that touches the repo will read it.Make tests non-optional. If the agent can’t write a passing test for the change, the change isn’t done.Review the diff before merging. Even a five-minute scan catches a lot.Run a security scan in CI. Set it up once, benefit forever.
You’ll move slower for a week. You’ll move faster for the rest of the project.
Conclusion
Vibe coding and agentic engineering aren’t enemies. They’re tools for different jobs.
If you’re sketching, exploring, or building something that nobody but you will ever use, vibe coding is fine. Have fun. Move fast.
If you’re shipping software that other people will run, depend on, or trust with their data, agentic engineering is the bar. The AI still does most of the typing. You still do the engineering.
The shift happening in 2026 isn’t really about AI replacing developers. It’s about what “being a developer” means now. Less time writing for-loops, more time writing specs. Less time debugging syntax errors, more time reviewing pull requests from agents. Less typing, more thinking.
Pick the right approach for the work in front of you. And whatever you do, please run a security scan before you deploy.
Quick Reference
Found this useful? The agentic engineering field is moving fast; what’s true today might shift in three months. Bookmark this and check back, or experiment with both approaches on your next side project to feel the difference firsthand.
Vibe Coding vs Agentic Engineering: Which One Should You Actually Use in 2026? was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.