Why vibe coding can create tech debt


If you’ve been keeping up with AI developments, you’ve probably heard the term “vibe coding”: using AI tools to generate code quickly, solely from natural language prompts. It can be a fun way to experiment, but it’s risky for long-term or mission-critical business products.

At Vertical Motion, we’ve seen a lot of non-technical builders encounter issues after using AI to create software. In many cases, they didn’t realize that building with AI tends to create tech debt: the “repair debt” that software accumulates over time. A bit of tech debt is often unavoidable in any software project, but AI-generated code creates more of it.

Below is a short summary of why your latest vibe coding experiment might be giving you issues, what to do about them, and how to prevent them in the future.

TL;DR – AI code contains errors that will create more work later

AI tends to create code that’s overly complex, error-prone, or omits important safeguards. For users who can’t edit AI-generated code up front, that might mean ending up with a project that needs a lot of work later. Here’s a brief overview of how AI-generated code works, how it can go wrong, and what you can do to fix it:

Professionals vs. Amateurs

If AI coding is so flawed, why do professional developers use it? We’ll cover how developers prompt, read, and screen AI-generated code, and how it creates tech debt when it’s unreviewed and unedited.

Functional omissions

AI-generated code often contains blind spots that miss things like accessibility features, error handling, and unexpected user behaviour. What happens when a user enters a negative number into a product quantity field? These are called functional omissions, and they can impact the security, performance, and usability of your software.

Structural problems

Unstructured code, inconsistent naming conventions, and poor modularity are problems that can make modifications more difficult. AI-generated code tends to have a lot of structural issues, meaning that updates can take hours longer than they otherwise would.

Security vulnerabilities

AI training data can be months or even years old, so it may not consider best security practices unless you know what they are and prompt it to do so. It might fail to properly check what users type into forms, create weak password systems, and choose default settings that leave customer data exposed.

Paying off AI-induced tech debt

Work with a developer, test rigorously, and get an Application Health Assessment if your AI-generated software is giving you issues. Balance innovation with best practices, and you’ll keep costs low in the long run.

Professional developers vs. non-technical AI users

There’s no question that AI gives developers a performance boost: Stack Overflow reports that almost 62% of developers now use AI tools in the development process, and 81% agree it improves productivity. However, those productivity gains look different for non-technical users who aren’t able to edit AI-generated code.

Professional developers know when AI works, and when it doesn’t

The AI productivity boost developers get still depends on their human expertise. Professional developers have the background knowledge to prompt AI with very specific instructions using technical language, and understand whether its output is workable.
They also know that AI’s usefulness decreases for existing projects compared to when it’s scaffolding out new ones. AI has “context blindness,” meaning it struggles to match code to the overall structure of a large system, so in some cases, it may be faster to make edits manually.

Non-technical users may place too much trust in AI

There’s a lot of hype around AI that may give non-developers an exaggerated view of its usefulness. In March, Anthropic CEO Dario Amodei predicted that 90% of code would be AI-generated in just 3-6 months, which was met with skepticism for good reason.

This hype, combined with a reduced barrier to entry for non-specialists, means that many people are jumping on the bandwagon to create new tools with AI. But AI is more of a quick fix than a silver bullet. It can generate a workable prototype pretty quickly, but it often contains omissions and errors that cause problems over time.

Below is a more detailed explanation of some of the ways AI creates tech debt, and what you can do about it.

How AI-generated code creates tech debt

AI-generated code may produce a functional output, but its speed comes at a price. In November 2024, CSET reported that AI models produced bugs 48% of the time – leaving non-specialists stuck in a loop trying to prompt away an error.

Functional omissions overlook non-standard use cases

Functional omissions are the invisible gaps in AI-generated code, which excels at coding for what developers call the “happy path”: the default scenario where users behave as expected. Like a house with structural issues, the code will need to be updated to prevent unexpected inputs from causing problems. Below are a few specific examples of how that happens.

What happens when users behave unexpectedly?

Edge cases are situations that happen outside of normal operations, like when a user enters a negative number into your product quantity field. Human developers will often build in instructions for this edge case, but AI-generated code will often work only for standard inputs and fail to account for cases like negative numbers, zero values, or text inputs.

How this impacts tech debt: If you don’t have edge cases built into your software, testing might not catch them until they cause problems in production – and it’s much more costly to rebuild UI components later.
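The quantity-field case above, as an added example (not code from the original article): a happy-path calculation next to one that rejects negative, zero, text, and out-of-range input. The function names, the cent-based price, and the `MAX_QTY` limit are assumptions made for illustration.

```javascript
// Happy-path version: trusts whatever the form sends.
// "-3" produces a negative total, "abc" produces NaN, "1e3" becomes 1000 items.
function lineTotalNaive(unitPriceCents, rawQty) {
  return unitPriceCents * Number(rawQty);
}

const MAX_QTY = 999; // assumed business limit for this example

// Validates the raw form value. Returns { ok: true, value } or { ok: false, error }.
function parseQuantity(raw) {
  if (typeof raw !== "string") {
    return { ok: false, error: "quantity must arrive as form text" };
  }
  const text = raw.trim();
  // Plain decimal digits only: rejects "", "-3", "1.5", "1e3", "0x10", "abc".
  if (!/^[0-9]+$/.test(text)) {
    return { ok: false, error: "quantity must be a whole number" };
  }
  const qty = Number.parseInt(text, 10);
  if (qty < 1) {
    return { ok: false, error: "quantity must be at least 1" };
  }
  if (qty > MAX_QTY) {
    return { ok: false, error: `quantity must be at most ${MAX_QTY}` };
  }
  return { ok: true, value: qty };
}

// Hardened version: only computes a total once the quantity has been validated.
function lineTotal(unitPriceCents, rawQty) {
  const parsed = parseQuantity(rawQty);
  if (!parsed.ok) return parsed;
  return { ok: true, value: unitPriceCents * parsed.value };
}

// Constructed sample inputs covering the edge cases named in the text.
function demo() {
  const samples = ["2", " 10 ", "-3", "0", "abc", "1.5", "1e3", "5000"];
  return samples.map((q) => ({
    input: q,
    naive: lineTotalNaive(1999, q),
    checked: lineTotal(1999, q),
  }));
}
```

The same check belongs on the server as well as in the form, since a browser-side check can be bypassed by sending the request directly.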

What about accessibility?

Accessibility legislation is evolving across Canada, meaning more Canadian businesses will need to make sure their websites and apps meet accessibility standards to stay compliant. AI tends to miss some important aspects of accessibility, such as building dropdown menus with no keyboard navigation support, creating accessibility issues for users with motor disabilities.

How this impacts tech debt: Missing accessibility features can lead to legal issues and fines, and more Canadian businesses will need to adapt in the coming years. Just like missing edge cases, it’s more costly to build accessibility features into software after it has shipped.

Structural problems make code harder to maintain and update

There are many ways to code for the same output, and AI tools often create unnecessarily complex, poorly organized code. Just like a sentence can be concise or clunky, code can be easy or difficult to read and update. As your software grows, these architectural flaws compound, making maintenance increasingly time-consuming.

Structured code vs. “spaghetti” code

Even if you aren’t a developer, you might be able to spot the difference between the type of well-structured code a developer might write and unstructured “spaghetti code” that AI sometimes produces. Below are two examples of code for an invoice generating tool.

The code on the left is organized into logical sections. Even though it’s longer, it has clear naming and step-by-step processing that will make it easier for human developers to update later. The AI-generated “spaghetti code” on the right is cryptic and condensed, meaning any future changes will mean hours of untangling and refactoring.

How this impacts tech debt: Software will always need updates to fit new browsers, devices, operating systems, and APIs. AI-generated code can make these common updates increasingly difficult and time-consuming.

Security vulnerabilities increase risk of data breaches, performance issues

One 2023 study found that 76% of respondents thought AI code was more secure than human developed code; however, the opposite is often true. AI models may be updated frequently, but their training data is often updated less often – which means a model won’t automatically factor in best practices for security when it writes code.

AI uses deprecated (i.e., outdated) APIs a lot

One study found that AI models use deprecated APIs 25-38% of the time. APIs connect software to services like Stripe and HubSpot, and they’re updated frequently – but AI training data often contains the older version, which it will use. This creates more work on updates, and your API may have performance and security issues in the meantime.

How this impacts tech debt: Outdated APIs are risky because they aren’t being actively maintained – so they might lack the latest security patches or create performance issues. Since they’re a common target for attackers, it’s important to keep API connections up to date.

AI can ignore security protocols

Prompts that don’t specify security protocols can put systems at risk. For example, a prompt like “create a user profile page that displays the user’s name” might produce code that contains a Cross-Site Scripting (XSS) vulnerability. This would allow a user to enter HTML code for their name when creating a profile to redirect other users to a third-party website.

How this impacts tech debt: Security vulnerabilities are the most costly form of technical debt, since they can put the entire business at risk of data breaches and ransomware attacks – and even if they don’t, getting a security certification later will require significant work.
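The profile-page case above, as an added example (not code from the original article): the concatenation pattern that such a prompt tends to produce, next to a version that escapes the name at output time. The function names, the `user` object shape, and the sample name are constructed for illustration.

```javascript
// Vulnerable pattern: the stored name is placed straight into the markup,
// so any HTML a user typed as their "name" becomes part of the page.
function renderProfileUnsafe(user) {
  return `<h1 class="profile-name">${user.name}</h1>`;
}

// The five characters that are significant in HTML text and quoted attributes.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened: escape when writing output, in both the text and attribute position.
// In browser DOM code, assigning element.textContent = user.name gives the same
// protection for text nodes without manual escaping.
function renderProfileSafe(user) {
  const name = escapeHtml(user.name);
  return `<h1 class="profile-name" title="${name}">${name}</h1>`;
}

// Constructed sample: a "name" that carries markup instead of plain text.
const SAMPLE_USER = {
  name: "Ana<script>/* attacker-controlled script would run here */</script>",
};

// Returns both renderings so the difference can be inspected or logged.
function compareRenderings(user) {
  return {
    unsafe: renderProfileUnsafe(user),
    safe: renderProfileSafe(user),
  };
}
```

With `SAMPLE_USER`, the unsafe rendering contains a live `<script>` element, while the safe rendering shows the same characters as visible text.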

Paying off AI-induced tech debt

Even if your app is functional now, paying off your tech debt can keep costs low in the long run. If you use AI tools, that means fixing structural issues, functional omissions, and security vulnerabilities before they cause bigger problems. Here are a few things to consider at every stage of the process:

If you’re building an app, work with a developer

There’s nothing wrong with creating a simple prototype with AI, but it’s often more cost-effective in the long run to bring in a professional to build out your final product. They’ll be able to keep the functionality you’re after while following best development practices to keep your app safe and easier to maintain.

If you’re ready to launch, test rigorously

Pre-launch testing is a crucial step for spotting issues, especially if you’ve relied on AI to build parts of your app. Test for unusual user inputs and security vulnerabilities that AI-generated code might miss. You can also hire a developer or QA tester at this stage to make sure tests are comprehensive enough.

If you’re experiencing problems, get a thorough health check

Having performance issues you aren’t sure how to fix? Get a thorough health check with our Application Health Assessment to understand where errors are coming from and how to make your app functional again. You’ll also gain better visibility into how your tech stack compares to industry standards, which is especially valuable if you’ve used AI in the development process.

Once you know the risks of AI-generated code (and the extra steps you might need to take to make it functional) you’ll be much better positioned to have fun building with AI.

Balance quick innovation with best practices

If you decide to use AI to code, it’s best to balance enthusiasm with caution. These tools offer unprecedented speed for developers, but they also have important limitations – so using them intentionally is key. Descriptive prompts help, but AI-generated code works best when there’s a human in the loop to spot (and fix) the errors and omissions in its output.

Want to know if your AI-generated code is at risk of creating tech debt? Don’t wait for small issues to become costly problems. At Vertical Motion, our team of industry-leading developers can help you refactor AI-generated code and implement proper testing to ensure your application has a solid foundation for growth.

In conclusion

Vibe code for fun, and for prototypes… but not for mission-critical projects

AI is great for experimenting, but it’s not so great for building tools your business relies on. Although it speeds up coding for professional developers, non-technical users can quickly end up relying on a tool they aren’t able to fix.

When AI-generated code contains omissions, structural problems, and security vulnerabilities, it creates tech debt that you’ll need to address. From refactoring code to fix structural issues to building a stronger security foundation, our team of professional developers can help you make sure your app is safe, functional, and easier to maintain. Contact us today to get started.


Let’s Stay Connected!

Vertical Motion is a trusted Canadian software development and entrepreneur assistance company that has supported the global efforts of startups, non-profits, B2B, and B2C businesses since 2006. With headquarters in Calgary and Kelowna, and team members coast to coast, Vertical Motion is recognized as an award-winning leader in the technology industry. Our team of executive advisors, project managers, software developers, business analysts, marketing specialists, and graphic designers have extensive experience in several industries including — Energy, Finance, Blockchain, Real Estate, Health Care, Clean Technology, Clothing & Apparel, Sports & Recreation, Software as a Service (SaaS), and Augmented & Virtual Reality (AR/VR).

Come chat with us and let us take you “From Idea to Execution and Beyond!” 🚀
