Summary

Fowler's team at Thoughtworks discovered serious security vulnerabilities when scaling a vibe-coded prototype, where AI tools recommended making storage buckets public and assigning excessive token permissions. The post argues that prompting AI to be secure is fundamentally insufficient — organizations must enforce security through deterministic checks, structured context files, and deployment gates. Drawing on harness engineering concepts, the article distinguishes between inferential controls (prompts) and computational controls (linters, scanners) that actually prevent insecure code from shipping. The piece provides a practical roadmap from short-term habits to long-term organizational changes for securing AI-generated code.

Key Insight

Securing AI-generated code requires moving from probabilistic prompt-based suggestions to deterministic, automated enforcement gates that structurally prevent insecure code from reaching production.

Spicy Quotes (click to share)

• 5

  Speed without guardrails is a risk no team can afford to ignore.

• 6

  AI tools often suggest the path of least resistance. That path is not always the secure path.

• 7

  Telling an AI agent to be safe is not the same as enforcing that it is safe.

• 6

  Prompts can be overridden, misunderstood, or ignored. The moment a user pushes back on a restriction, or phrases a request differently, the constraint can evaporate.

• 7

  Prompting for test-driven development is not the same as enforcing code coverage thresholds in your build tool. One is a suggestion. The other is a gate.

• 5

  The path of least resistance and the secure path are rarely the same thing.

• 4

  Passive security awareness is not enough when AI is generating code at speed.

• 3

  That shift — from depending on humans to catch issues, to building technical security rules, automated checks and human accountability into the workflow — has become our blueprint for moving fast while maintaining engineering rigor in the agentic era.

Tone

cautionary-practical