Hi everyone,

This week I’ve continued to have fun with AI. My initial optimism at Google’s Gemini Deep Research ran into a headwind of their AI safety guardrails.

While the tool performs well, it just isn’t flexible enough or fast enough to out-compete Open AI’s Deep Research just yet.

In today’s article I’m going to write about vibe coding with Windsurf, predicting the job market impacts of these tools, and discuss how to manage the risks of vibe coding.

Part 1: Vibe Coding With Windsurf

Windsurf Editor is an “agentic IDE” product made by a company called Codeium.

What is an IDE? An Integrated Development Environment is just a tool used by developers to write, test, and deploy code.

What is an agentic IDE? An agentic IDE is how Codeium are explaining what their tool does over and above what a standard IDE does.

The idea behind an agentic IDE is that you combine the latest LLM models, developer tools, and human chat interaction, to enable end-to-end task completion.

A standard development process might involve a product manager writing up a specification and then an engineering team building it out over time.

There’s an iterative feedback loop - development, build testing, customer feedback, production data - all performed in a high-labour cost fashion.

A development process in an agentic IDE is going for the same outcome of working software, but pushing as many tasks and sub-tasks to a trained LLM model as possible.

The feedback mechanism is drastically shortened. Through chatting to the Cascade chat tool in Windsurf, the user can issue tasks and observe the output.

So I think the best way to frame an agentic IDE is as a high-leverage tool. The person with the idea can just type-test-type-test without needing to interact with anyone else.

You can click through approving commands step-by-step until you get a “completed” project that works for extremely-low-effort.

You can watch as each step is completing. You can circle back and ask how the build matches up to the initial requirements. Cascade can set up all services you need to run a test environment and close them down afterwards. You can try it out yourself (we both get 500 flex credits if you sign up from this link).

I’m not a developer, but am technical enough to use the command line when required and have had enough delivery experience working with developers to be aware of a number of “development hygiene” factors that you might want to take into account.

This makes me an ideal “end user” of a tool like this. A skilled developer will be able to use tools like this in time to generate far more output or improve the performance of legacy code.

There will obviously be enormous bugs, cybersecurity incidents, and data breaches, from people vibe coding their way to success without any guardrails.

The point of the agentic AI tools is the speed - over time it will enable the possibility of one-person firms solving niche problems.

A technical-enough business owner rolling-their-own software to solve a problem instead of paying for expensive enterprise SaaS subscriptions.

This is going to have some job market impacts, which I’ll start exploring below.

Share

Part 2: Predicting Job Market Impacts

I won't elaborate on the obvious benefits of vibe coding for independent developers and startup founders. Instead, I'll focus my analysis on its impact on the job market for developers in traditional 9-5 roles.

The most significant effect of AI and vibe coding will be on the mindset of board directors and C-level executives, who already view their technology staff as replaceable resources.

This perspective has driven extensive outsourcing and offshoring over recent decades. These leaders prioritize cost optimization and product delivery over work-life balance, people-first policies, or code elegance.

For executives in heavily regulated industries, this same optimization mentality exists with an additional constraint: ensuring compliance with global regulatory requirements. This means box-ticking exercises reign supreme to “reduce risk”.

In the vibe coding era, forward thinking operators in large enterprise IT departments will experiment aggressively with these tools. They might establish test environments for problematic legacy platforms and, instead of hiring COBOL contractors, allow a vibe coding staff engineer to work within controlled parameters. The focus will be on optimization and simplification tasks like "Convert this COBOL Java SQL SFTP stack to Rust and Kafka."

While some experiments will fail dramatically, others will deliver rapid results. As long as basic compliance requirements and controls are satisfied, some experiments may progress to production environments. When this happens, it will trigger significant changes throughout large IT bureaucracies.

Soon after, business stakeholders will demand the ability to conduct their own vibe coding within established guardrails. They'll bypass business partners and investment committees and program management offices, creating their own point solutions as needed.

Adding more developers to software projects rarely improves efficiency. With agentic AI model context protocols, top developers will produce substantially more output in less time. Some teams will just stop hiring graduates or juniors at all, from reading social media posts this may have already started at some shops!

Consequently, finance departments will analyze these results and push for cost savings, stat. Outsourcing and offshoring are already standard cost saving measures at BigCorps, but how much more aggressive will these practices become when internal charges in the millions can be replaced with clearly defined costs of $784 for millions of tokens consumed by the vibe process and $6,054 for developer time? The final outcome is pretty dire for all but the highest-skilled technologists coming up with and bringing the valuable ideas to market.

A common approach to technology transformation starts with a clean slate: "If you were building this from scratch, how would you implement it?" When business stakeholders begin creating viable proofs of concept through vibe coding projects that are just one successful security test away from production readiness how can the entire labor market not undergo fundamental change within a few years?

So essentially I think the job market impact is going to be slow-burning at first, and then come in waves of redundancies and job loss as legacy stacks are converted / upgraded / decommissioned over time. A lot of well-funded startups will also collapse as business owners baulk at paying thousands or tens of thousands of dollars a month for tools that they may be able to “vibe code” to 80/20 level at a fraction of the cost.

Self-healing and self-upgrading agentic platforms will further accelerate the product lifecycle towards more automation and more abstract high-level direction from the people who have the ideas. Some of the autonomous database tools that came out a few years ago might give you ideas of where this could end up.

Share

Part 3: Managing The Risks of Vibe Coding

Vibe coding brings major risks that companies need to watch out for. Bugs and errors in code are still a big problem, and AI-made solutions might look good but have hidden flaws. Regular testing methods might miss these problems since AI can create complex code much faster than humans can check it. This speed gap between making code and testing it could lead to serious issues when systems go live.

Of course, this is partly a skill issue on the part of the developer using vibe coding - you can ensure that unit tests are built into the code generation and make them execute successfully before each build. The risk is people who have never been involved in production deployment of technology not realising the importance of building all of these checks and controls into the process of vibe coding.

Security is another big worry with vibe coding. AI might accidentally include weak points in the code that hackers can attack. Worse yet, bad actors could use these same AI tools to find and exploit weaknesses faster than ever before. Again, this is another skill issue, as good developers will always harden their applications during development and testing. The random vibe coder who is not technical can definitely create enormous security problems unless they are conscientious and research “what they should do” to manage these risks - many won’t - which will cause untold number of scandals but that’s part of the hype cycle.

Some vibe coders will even get a security company to perform code review and penetration testing ahead of any live deployment. In the vibe coding era, perhaps there will be startups that sell certified “security guardrails” around code built and deployed from these IDEs to keep the vibes flowing without the need for ideas people to think about this stuff. Can it really be pushed down to the machine though? A lot of it is checklists and learning from past mistakes. So yeah, that is exactly what all of this new technology is going to be good at.

Other Things To Mention This Week

Over at Global Custody Pro this week I wrote about the risks in the US Treasury repo market and what a recent TMPG consultation paper suggested.

I’ve signed up for Bluesky but am quite amazed at how quiet it is compared to X. Substack Notes is far more enjoyable for a less noisy social media experience at the moment.

You can vote in the poll or leave a comment below. I’d be interested in hearing from you about vibe coding.

Until next week,

Brennan

Leave a comment