Vibe Coding vs. Production Reality: The Undiscussed Liabilities

The post on r/ClaudeAI from user External_Bobcat8183 captures a growing tension. Vibe coding accelerates the 80/20 part of development — PoCs that took a week now take an afternoon. But shipping those same vibe-coded tools as real products introduces a long list of hidden requirements that never appear in demos.

The Iceberg Below the Waterline

According to the post, the demo works and the room is impressed — until you try to run it off the author's machine. The specific failure points mentioned:

• Auth
• Secrets handling
• LLM vendor deprecation or pricing changes
• GDPR compliance when external models touch internal data
• Audit logs
• Rate limiting
• Multi-tenancy

These are the “below the waterline” items that are not optional for any production deployment. The author's conclusion: “PoCs are easier than ever. Products are not.”

Why This Matters for Developers

If you're building an internal RAG system, GRC module, or asset management tool with vibe coding, the source warns that you'll hit these walls the moment someone else tries to use it. The LLM makes the front-end and happy path fast, but the infrastructure around it — auth, secrets, compliance — still requires careful engineering.