‘Vibecoding’ Privacy Risks Require Keeping Humans in the Loop

AI-performed coding doesn’t always apply the security best practices needed to avoid data breaches, undercutting its goals of streamlining application development and making it accessible to those lacking tech expertise.

Because artificial intelligence tools can’t build apps with the security controls necessary to prevent a data breach—and therefore litigation—human supervision remains a necessary part of the development process.

But to catch AI mistakes, human supervisors need to know what to look for.

“Because people that are not developers are building the apps, the chances they have mistakes are even larger” than if trained professionals were building them directly, said Ami Luttwak, chief technologist at cloud security company Wiz. And separate security teams may struggle to catch every error across a bigger amount of source code, he said.

In the event of a breach, the resultant lawsuits will likely put a significant pressure point on companies that incorporate AI into programming flows, requiring them to document how they used vibecoding so they can demonstrate they met a reasonable security standard, said Justine Phillips, a cybersecurity attorney at Baker McKenzie.

Automated Future

Vibecoding can describe either people with less technical savvy asking AI to create programs from a prompt or engineers directing AI agents to produce computer code.

A 2025 annual survey by programming question-and-answer site Stack Overflow found that 84% of respondents—professional and aspiring developers—were using AI in their development process or planning to in some way.

But all of the AI agents tested by cybersecurity firm Tenzai in an experiment measuring whether coding agents could reliably produce secure results introduced significant vulnerabilities, according to a January blog post.

Such mistakes could, for example, allow unauthorized people to see orders placed by any shopper on a website or allow a hacker to use a brute force attack to bypass a login page without account lockout mechanisms, it said.

As more people vibecode, “you’re going to see non-technical professionals potentially building things and introducing them into the environment without oversight and without governance,” possibly with sensitive information, said Melissa Bischoping, Senior Director of Security & Product Design Research at autonomous IT firm Tanium.

Data Breach Litigation

But the owner of an application still has the responsibility to perform sufficient security testing, Luttwak said.

And the solution, at least for now, isn’t more automation.

If AI tools can’t catch the security issues they introduce, that’s going to lead to security problems for consumers, according to Matthew Wilson of plaintiffs'-side firm Meyer Wilson Werning. Those consumers could sue.

“Ultimately the question for me is were you entrusted in some way or another with private information? And if you were, did it get out?” Wilson asked. If so, there’s possible liability, irrespective of whether a human or an autonomous agent made the error.

How the breach occurred might be interesting, Wilson said, “but it doesn’t really matter that much to the law because it shouldn’t have happened regardless of how it happened.”

Defeating such claims requires defendants to show they took reasonable security precautions.

That can, and typically does, start with high-level policy documents that lay out the risk and the processes to manage it, Phillips said.

Erin Prest, co-lead of McCarter & English’s cybersecurity and data security practice, said she’d recommend that companies document their AI prompting inputs and outputs to make a record for the sake of discovery. She’d also recommend limiting AI use to areas “where if it does go wrong or have a vulnerability, it’s less likely to impact your entire company or your entire business.”

And institutions that handle regulated data—such as in the healthcare and financial sectors—should “be thoughtful” about when to combine programs handling that data with AI technology, said Adam Aft, head of Baker McKenzie’s Technology Transactions practice.

No federal court has yet addressed a data breach that exploited vibecoded software, but companies looking to minimize potential liability may need to show that they took steps to mitigate the possibility of a breach.

“I haven’t yet sued anyone in a vibecoding case, but certainly it’s coming,” Wilson said.

Complement, Not Replace

Jody Bailey, chief product & technology officer at Stack Overflow, said tools like Anthropic PBC’s Claude Opus and OpenAI’s Codex have improved dramatically since their survey, and that improvement may convince more developers to use AI as they see evidence of efficiency gains.

AI is getting better at security tasks “at a rate that is almost unprecedented,” Bischoping said.

Although it’s not guaranteed that AI will ever get to a point where it can truly perform adequate IT security on its own, humans may adopt a more supervisory role—managing and acting in tandem with autonomous systems, she said.

Anthropic in March released a tool that performs automated security reviews to help developers catch common issues. But automated testing “should complement, not replace, your existing security practices and manual code reviews,” it said.

The AI company said it continues to invest in improving the security of code that Claude writes and reviews.

“Even the AI companies are telling you, ‘wait, no, don’t assume it’s secure,’” Luttwak said.

AI’s inability to catch every security flaw by itself won’t slow down its adoption, Bischoping said.

But companies should be wary of the impact a breach can have on the bottom line: “You’re not going to be able to get away with saying, ‘well, the AI did it, it’s not our fault,” if ultimately a breach was the result of something the AI failed to catch, she said.

“I think it will definitely be a PR nightmare when that happens,” she said.