The VibeSec reckoning: Why prompting your AI to be secure isn't enough

· Source: Thoughtworks Insights · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Intermediate, long

Summary

Thoughtworks' Global Marketing AI applications team ran into significant security problems when scaling a "vibe coded" prototype built with Gemini, Replit AI, and Claude AI. The AI assistants suggested, among other things, public access to cloud storage and tokens with far broader permissions than the task needed; either would have exposed data or allowed lateral movement within the team's cloud workspace. Research from 2026 indicates these are not isolated incidents, with 25% of AI-generated code containing vulnerabilities and 1 in 5 enterprise breaches linked to it. The article argues that relying solely on prompts for security is insufficient, because a prompt can be overridden by later instructions or simply misread by the model. Security must instead be enforced through deterministic checks and codified rules built into the development lifecycle, an approach the authors liken to "harness engineering." Done this way, even non-technical "citizen builders" end up conforming to enterprise security standards, protecting client trust and brand integrity.

Key takeaway

For MLOps Engineers or AI Security Engineers deploying AI-assisted applications, relying on prompts for security is a critical weakness. Implement deterministic security gates and a structured, versioned "security context file" within your CI/CD pipelines so that AI-generated code is checked against zero trust principles, proper secrets management, and supply chain integrity before it ships; that is what prevents data breaches and keeps you compliant. Question every AI-suggested permission, and use red team prompts to probe how easily the assistant can be talked out of its security instructions.

Key insights

AI-assisted development requires codified, deterministic security enforcement beyond mere prompts.

Integrate a versioned "security context file" with technical rules into AI coding sessions, paired with automated computational sensors in the pipeline to validate output and enforce policies.
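As an added illustration of such a deterministic gate (this is example code, not Thoughtworks' own tooling or the article's): a small Python check that reads a Terraform plan in `terraform show -json` format and fails the pipeline when any IAM resource grants access to a public principal or assigns a primitive role, the two classes of AI suggestion the summary describes. The rules live in a dictionary standing in for the "security context file"; the resource type names, attribute names and role names are assumptions modelled on Google Cloud's Terraform resources, and the sample plan is constructed inline so the check runs offline.

```python
"""Deterministic IaC policy gate for a CI pipeline (added example).

Rules are codified data, not prompt text, so they cannot be overridden
by a later instruction to the coding assistant.  Resource and role names
are assumptions based on Google Cloud's Terraform provider.
"""
import json
import sys

# Stand-in for a versioned "security context file" checked into the repo.
SECURITY_CONTEXT = {
    # Principals that make a resource world-readable (assumed GCP names).
    "public_principals": {"allUsers", "allAuthenticatedUsers"},
    # Primitive roles that grant far more than any single workload needs.
    "forbidden_roles": {"roles/owner", "roles/editor"},
    # Terraform resource types that carry an IAM grant (assumed names).
    "iam_resource_types": {
        "google_storage_bucket_iam_member",
        "google_storage_bucket_iam_binding",
        "google_project_iam_member",
        "google_project_iam_binding",
    },
}


def iter_resources(plan):
    """Yield every planned resource, descending into child modules."""
    def walk(module):
        yield from module.get("resources", [])
        for child in module.get("child_modules", []):
            yield from walk(child)
    yield from walk(plan.get("planned_values", {}).get("root_module", {}))


def principals_of(values):
    """Collect principals from both *_member and *_binding resource shapes."""
    principals = []
    if "member" in values:
        principals.append(values["member"])
    principals.extend(values.get("members", []))
    return principals


def check_plan(plan, ctx=SECURITY_CONTEXT):
    """Return a list of human-readable policy violations (empty if clean)."""
    findings = []
    for res in iter_resources(plan):
        if res.get("type") not in ctx["iam_resource_types"]:
            continue
        addr = res.get("address", "<unknown>")
        values = res.get("values", {})
        for principal in principals_of(values):
            if principal in ctx["public_principals"]:
                findings.append(f"{addr}: grants access to public principal {principal}")
        role = values.get("role", "")
        if role in ctx["forbidden_roles"]:
            findings.append(f"{addr}: grants primitive role {role}")
    return findings


# Constructed sample plan: a bucket opened to allUsers and a service account
# handed roles/owner, mirroring the two AI suggestions the article describes.
SAMPLE_PLAN = {
    "planned_values": {
        "root_module": {
            "resources": [
                {
                    "address": "google_storage_bucket_iam_member.public_read",
                    "type": "google_storage_bucket_iam_member",
                    "values": {"bucket": "marketing-assets", "member": "allUsers",
                               "role": "roles/storage.objectViewer"},
                },
                {
                    "address": "google_project_iam_member.app_sa",
                    "type": "google_project_iam_member",
                    "values": {"member": "serviceAccount:app@example.iam.gserviceaccount.com",
                               "role": "roles/owner"},
                },
            ]
        }
    }
}


def main(argv):
    """Usage: python gate.py [plan.json]; exits 1 when any rule is violated."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            plan = json.load(fh)
    else:
        plan = SAMPLE_PLAN
    findings = check_plan(plan)
    for finding in findings:
        print("DENY", finding)
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run with `terraform show -json tfplan > plan.json && python gate.py plan.json` as a pipeline step; a non-zero exit blocks the merge regardless of what the coding assistant was told. Extending the rule set is a matter of adding entries to the context dictionary and reviewing that change like any other code.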

Best for: AI Security Engineer, MLOps Engineer, Software Engineer

Editorial summary, takeaway, and curation by AIssential. Original article published by Thoughtworks Insights.