◈ AI Security Intelligence ← All terms
Concept  ·  Glossary

Vibe coding

Definition
A style of software development where a programmer describes what they want in plain language and an AI agent writes, runs, and iterates on the code largely autonomously — the human steers by feel rather than writing every line. The UK's NCSC has published a risk framework specifically addressing the security governance of this practice.
Why it matters
Code produced without careful human review can contain security flaws, exposed secrets, or logic errors at scale; organisations need clear oversight policies to govern how much autonomy AI coding agents are granted based on how critical or public-facing the resulting software is.
Demonstrated by recent findings
NCSC Guidance: 'The Vibe Coding Spectrum' — Risk-Calibrated Oversight for AI-Assisted Software DevelopmentAgentic Coding and Persistent Returns to ExpertiseCursor Editor Executes Malicious Claude Hook Commands from Workspace .claude/settings.local.json Without User Approval
References
NCSC: The Vibe Coding Spectrum — Risk-Calibrated Oversight for AI-Assisted Software Development
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →