Vibe Coder Field Guide · 02
The 22 workflow moves
that keep AI code shippable.
The repeatable habits we teach our enterprise clients, distilled into a one-page field guide for builders shipping with Claude Code, Cursor, Copilot, or Windsurf.
Reviewed by Craig Petronella
Credential: CMMC-RP #1449
License: NC DFE #604180
Since: 2002
The Vibe Coder Workflow Guide
22 moves to plan, iterate, and ship AI-assisted code without getting bitten.
§01
Anatomy of a clean edit cycle
how one task moves from idea to a shipped commit
spec("add CSV export, no PII") → plan mode(3 steps) → edit cycle[prompt→diff→test] → review gate → commit
spec is your written intent, three sentences max.
plan mode proposes steps before any file is touched.
review gate is the human checkpoint before commit.
§02
Planning & prompting, 8 moves
setting the model up to win before it writes a line
Scope
Smallest unit you can finish in one sitting and verify alone.
Plan Mode
AI proposes the plan; you approve before any file changes.
Spec
Three sentences of intent, written before the first prompt.
System Prompt
Standing rules every reply must obey. Set hard limits here.
Persona
The role the AI plays. "Senior backend engineer, paranoid."
Constraint
Non-negotiable: file you must not touch, library you must use.
Example-Driven
Show one example of the exact output you want.
Decomposition
Break the task into small, independently verifiable steps.
§03
Iterating & verifying, 8 moves
the loop where bad ideas die cheap
Diff Review
Read every line the AI changed before you accept it.
Edit Cycle
Prompt, diff, run, fix, repeat. The atomic unit.
Test-Driven Loop
Write the failing test first. Let AI make it pass.
Regression
Something that used to work and now doesn't. Run old tests.
Hallucination Check
Verify every library and function the AI named actually exists.
Eval Loop
A small test suite you run against the AI itself.
Commit Point
A working state you can return to in one git command.
Rollback
Undo a bad AI edit by jumping to a previous commit point.
§04
Shipping, guardrails & AI-only risks, 6 moves
what a compliance auditor wants to see, plus the two failure modes unique to AI
Review Gate
Human checkpoint before money, mail, or production touches.
Sandbox
Walled-off environment where the AI can break things safely.
Permission Scope
Narrowest set of files, commands, creds the AI needs.
Audit Trail
Timestamped log of prompts, diffs, and approvals. Required.
Agent Runaway
Loop on the wrong goal. Cap steps, tokens, runtime.
Context Overrun
Long session, lost rules. Start fresh, re-state limits.
§05
Anti-patterns & first-day checklist
the mistakes everyone makes, and the moves that prevent them
✗ Anti-patterns
- Prompting before you wrote down what "done" looks like.
- Accepting a 600-line diff because the tests turned green.
- Skipping plan mode because it feels slower in the moment.
- Letting one chat session sprawl across five unrelated tasks.
- Giving the agent shell access with no review gate or sandbox.
✓ First-day checklist
- Write a 3-sentence spec before your first prompt of the day.
- Always start in plan mode. Approve the plan before any edit.
- Commit every passing change, even a one-line fix.
- One task, one chat. Start a fresh session for the next thing.
- Confused about a compliance question? Call us at 919-348-4912.
§06
The ship-it gate
run before any AI-touched commit reaches main
- The spec is checked into the repo, not just in your head.
- The plan was approved by a human before edits began.
- You read every changed line, not just the file count.
- Tests pass, including at least one new test for this change.
- Every library and API the AI named is verified to exist.
- An audit trail of prompts and diffs is captured for this commit.
"The model is fast. The workflow is what keeps you safe."
Craig Petronella
CMMC-RP RPO #1449 · NC DFE #604180
petronellatech.com · 919-348-4912
Now in plain English, with the security note.
Each move gets three lines: what it means, an example you've probably hit, and what your future security audit is going to ask about it.
Planning & Prompting
Scope
- What it means
- The smallest unit of work you can describe in one paragraph, finish in one sitting, and verify on its own.
- Real-world example
- "Add CSV export to the reports page" is a scope. "Modernize the reporting stack" is a project; it needs to be cut into 12 scopes.
- Security note
- Tight scope is the cheapest security control you own. A loose scope produces a sprawling diff, and sprawling diffs hide vulnerabilities.
Plan Mode
- What it means
- A non-editing mode where the AI proposes a step-by-step plan before it touches a single file.
- Real-world example
- In Claude Code, you toggle plan mode; the model outputs a numbered list and waits for your approval before any edit runs.
- Security note
- Bad assumptions are cheap to fix in a plan and expensive to fix in a diff. Plan mode is your first review gate.
Spec
- What it means
- A short written description of what the change should do, written before any prompt is sent.
- Real-world example
- "Add a CSV export button to /reports. Admins only. No PII in the export. New test covers the empty-result case."
- Security note
- A checked-in spec becomes free audit evidence. It documents intent, scope limits, and what the change was forbidden to do.
System Prompt
- What it means
- The standing rules every reply must obey: role, tone, hard limits, the things the AI is never allowed to do.
- Real-world example
- "You are a senior security engineer. Never write code that disables auth checks. Always cite the file you are about to change."
- Security note
- A weak system prompt is how jailbreaks succeed. State your hard rules in capitals and put them at the top.
Persona
- What it means
- The role the AI takes on for a session, set inside the system prompt.
- Real-world example
- "Act as a paranoid security reviewer for a healthcare startup" sets a very different bar than "Be a friendly tutor."
- Security note
- Personas that emphasize speed over caution produce code that ships fast and breaks loudly. Match the persona to the risk of the work.
Constraint
- What it means
- A non-negotiable rule baked into the prompt: the file you must not touch, the library you must use, the limit you must respect.
- Real-world example
- "Do not change anything in /auth. Use bcrypt, not crypto.scrypt. Do not introduce new dependencies."
- Security note
- Every undocumented constraint is a chance for the AI to do the wrong thing politely. State them in the prompt every single time.
Example-Driven Prompt
- What it means
- Show the AI one or two examples of the exact output you want, instead of describing it in words.
- Real-world example
- Paste one finished function with the style, types, error handling, and tests you expect. Ask the AI to copy that shape.
- Security note
- Make your example secure. The AI will copy your patterns, including the bad ones, so the first example sets the security floor.
Decomposition
- What it means
- Breaking a large task into a list of small, independently verifiable steps before any code is generated.
- Real-world example
- "Migrate to Postgres" decomposes into: write schema, dual-write, backfill, switch reads, decommission old DB. Five scopes, five reviews.
- Security note
- Big-bang AI rewrites are how breaches sneak in. Small, decomposed steps let humans, tests, and audit logs catch problems early.
Iterating & Verifying
Diff Review
- What it means
- Reading every line the AI changed, before you accept the change.
- Real-world example
- Three passes: new imports and dependencies, then auth and input handling, then run the tests and the app.
- Security note
- "The tests pass" is not a substitute for diff review. Skipping the review is how AI-introduced backdoors and supply-chain pulls land in main.
Edit Cycle
- What it means
- The loop of prompt, diff, run, fix, repeat. The atomic unit of AI-assisted coding.
- Real-world example
- Prompt the change, read the diff, run the tests, fix whatever broke, prompt again. One cycle per scope is the goal.
- Security note
- If an edit cycle is taking 10 rounds, your scope is too big or your spec is too vague. Stop and rewrite the spec.
Test-Driven Loop
- What it means
- Write the test first, let the AI write code until the test passes.
- Real-world example
- You write a unit test that asserts the new export endpoint blocks PII. The AI iterates until that test, and the existing suite, are all green.
- Security note
- Tests written before the code make the contract verifiable. They also become the negative-case evidence your auditor will ask for.
Regression
- What it means
- Something that used to work and now does not, usually broken by a recent AI edit.
- Real-world example
- Yesterday the login flow worked; today it 500s because the AI quietly switched a session-store import.
- Security note
- Always run the full test suite, not just the tests touched by the diff. Regressions in auth and authorization are the most expensive ones to ship.
Hallucination Check
- What it means
- Verifying that the libraries, functions, and APIs the AI named actually exist before you ship.
- Real-world example
- The AI imports a plausible package; npm has never heard of it. Or the AI calls user.is_admin(); your model has no such method.
- Security note
- Attackers now publish typosquat packages matching common hallucinated names. Verify every new import against the real registry.
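As an added example (not the page's own tooling), a Python hallucination check that reads the added lines of a JavaScript diff and flags any imported package that is neither declared in package.json nor a Node built-in; the same scan is pass one of the diff review described above. The sample diff, its package names and the partial built-ins list are constructed assumptions, and anything it flags still needs a manual registry lookup to decide whether it is undeclared or simply does not exist.

```python
import json
import re
from typing import List, Set

# Partial list of Node built-ins (an assumption); these never appear in package.json.
NODE_BUILTINS: Set[str] = {"fs", "path", "os", "crypto", "http", "https", "url", "util", "events"}

# Matches an added line of the form: import X from 'pkg' | import 'pkg' | const x = require('pkg')
IMPORT_RE = re.compile(
    r"""^\+\s*(?:import\s.*?\sfrom\s+|import\s+|(?:const|let|var)\s+.*?=\s*require\()\s*['"]([^'"]+)['"]"""
)

def package_name(specifier: str) -> str:
    """Reduce an import specifier to its registry name ('@org/pkg/sub' -> '@org/pkg')."""
    parts = specifier.split("/")
    return "/".join(parts[:2]) if specifier.startswith("@") else parts[0]

def unknown_imports(diff: str, package_json: str) -> List[str]:
    """Return packages the diff imports that are neither declared nor built-in, in diff order."""
    manifest = json.loads(package_json)
    declared = set(manifest.get("dependencies", {})) | set(manifest.get("devDependencies", {}))
    flagged: List[str] = []
    for line in diff.splitlines():
        if not line.startswith("+") or line.startswith("+++"):   # only added code lines
            continue
        m = IMPORT_RE.match(line)
        if not m:
            continue
        spec = m.group(1)
        if spec.startswith((".", "/", "node:")):                  # local file or explicit built-in
            continue
        name = package_name(spec)
        if name not in declared and name not in NODE_BUILTINS and name not in flagged:
            flagged.append(name)
    return flagged

# Constructed manifest and diff for the demo; the two unknown names are invented placeholders.
SAMPLE_PACKAGE_JSON = json.dumps({
    "dependencies": {"express": "^4.19.0", "pino": "^9.0.0"},
    "devDependencies": {"jest": "^29.0.0"},
})
SAMPLE_DIFF = """\
--- a/src/reports.js
+++ b/src/reports.js
+import express from "express";
+import { stringify } from 'csv-strinfigy';
+import fs from 'node:fs';
+const guard = require('hypothetical-auth-guard');
+const pino = require('pino');
+import { helper } from './lib/helper';
-import old from 'old-thing';
"""
```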
Eval Loop
- What it means
- A small test suite you run against the AI itself, scoring its outputs across many examples.
- Real-world example
- 20 prompts that should be refused, 20 that should be answered, 20 with subtle traps. Re-run on every model upgrade.
- Security note
- Without an eval loop you cannot prove your AI system meets a compliance requirement. Build a thin one before you build the product.
Commit Point
- What it means
- A working state of the code you can return to with one git command. Commit early and often.
- Real-world example
- You commit after every passing test, even one-line fixes. Your history reads like a story your future self can follow.
- Security note
- Frequent commits are the only thing that makes rollback fast in an incident. A 4-hour-old commit is a 4-hour-long rollback window.
Rollback
- What it means
- Undoing a bad AI edit by returning to a previous commit point, without manually un-typing the diff.
- Real-world example
- The AI broke the auth flow at 3pm. You git reset to the 2:45pm commit and start the next edit cycle fresh, in two minutes.
- Security note
- Rollback is faster than debugging an AI-generated mess. If the diff looks confused, throw it away and rewrite the spec.
Shipping & Guardrails
Review Gate
- What it means
- A required human checkpoint before any AI action that costs money, sends mail, or touches production.
- Real-world example
- The AI drafts the deploy command; a human types "y" or "n" before it runs. Same for any DB migration or outbound email.
- Security note
- If an AI action is irreversible and happens without a human approving the exact diff, that is a missing control. Auditors will flag it.
Sandbox
- What it means
- A walled-off environment where the AI can run code and break things without touching real systems.
- Real-world example
- A throwaway Docker container, a non-root user, a separate dev database. The AI can rm -rf and you can rebuild in 30 seconds.
- Security note
- An AI agent with shell access on your laptop is a remote-code-execution surface. Sandbox it; never run agents as root.
Permission Scope
- What it means
- The narrowest set of files, commands, and credentials the AI needs to do the job, and nothing more.
- Real-world example
- For a docs-edit task, the AI gets read-write on /docs only. No git push, no shell, no production keys.
- Security note
- Least privilege is a CMMC, HIPAA, and PCI requirement. Apply it to your AI tools the same way you apply it to your employees.
Audit Trail
- What it means
- A timestamped log of every prompt, every diff, every command the AI ran. Required for compliance.
- Real-world example
- Your harness writes one JSONL line per turn: who ran it, what model, the prompt, the diff, the approval, the test result.
- Security note
- If an AI action ever causes harm, the audit trail is what answers "who is responsible?" Without it, you are. We can wire one up.
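An added example, not the page's harness: a Python audit-trail writer that emits one JSONL line per turn with the fields listed above, plus a verifier that flags turns with no recorded gate decision or approvals over failing tests. The SHA-256 chaining between lines is added here for tamper evidence and is not something the page describes; the sample session, actor and model name are constructed.

```python
import hashlib
import json
from datetime import datetime, timezone
from typing import Iterable, List, Optional

GENESIS = "0" * 64   # prev-hash of the first line

def audit_line(prev_hash: str, actor: str, model: str, prompt: str, diff: str,
               approval: Optional[bool], test_result: str, ts: Optional[str] = None) -> str:
    """Serialize one turn as a JSONL line; 'hash' chains it to the previous line."""
    record = {
        "ts": ts or datetime.now(timezone.utc).isoformat(),
        "actor": actor, "model": model, "prompt": prompt,
        "diff_sha256": hashlib.sha256(diff.encode()).hexdigest(),  # diff itself lives in git
        "approval": approval,      # True/False from the review gate, None if never decided
        "test_result": test_result,
        "prev": prev_hash,
    }
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    record["hash"] = hashlib.sha256((prev_hash + body).encode()).hexdigest()
    return json.dumps(record, sort_keys=True, separators=(",", ":"))

def verify_trail(lines: Iterable[str]) -> List[str]:
    """Check chain integrity and gate discipline; returns problems, empty if the trail is clean."""
    problems, prev = [], GENESIS
    for n, raw in enumerate(lines, 1):
        rec = json.loads(raw)
        claimed = rec.pop("hash")
        body = json.dumps(rec, sort_keys=True, separators=(",", ":"))
        if rec["prev"] != prev or hashlib.sha256((prev + body).encode()).hexdigest() != claimed:
            problems.append(f"line {n}: hash chain broken")
        if rec["approval"] is None:
            problems.append(f"line {n}: no review-gate decision recorded")
        elif rec["approval"] and rec["test_result"] != "pass":
            problems.append(f"line {n}: approved with tests {rec['test_result']}")
        prev = claimed
    return problems

def sample_trail() -> List[str]:
    """Constructed two-turn session; the second turn was never taken through the gate."""
    l1 = audit_line(GENESIS, "alice", "model-x", "add CSV export, no PII", "+def export_csv(): ...",
                    approval=True, test_result="pass", ts="2025-01-01T00:00:00+00:00")
    l2 = audit_line(json.loads(l1)["hash"], "alice", "model-x", "fix empty-result test",
                    "+    return []", approval=None, test_result="fail", ts="2025-01-01T00:05:00+00:00")
    return [l1, l2]
```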
Risks Unique to AI Workflows
Agent Runaway
- What it means
- When an agent loops on the wrong goal, burns tokens, and racks up damage before a human notices.
- Real-world example
- An agent told to "clean up the repo" deletes the test fixtures, fails CI, "fixes" CI by skipping tests, and pushes to main.
- Security note
- Always cap step count, token budget, and runtime. Require a review gate for any irreversible action. Treat a runaway as a security incident.
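An added example, not code from any of the harnesses named on this page: a Python guard that enforces the three caps (steps, tokens, runtime) and routes irreversible actions through a human approval callback, then drives the repo-cleanup runaway scenario above through it. The irreversible-command prefixes and the per-turn token figure are constructed assumptions.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, List, Tuple

class RunawayStopped(Exception):
    """Raised when a budget is exceeded or an ungated irreversible action is attempted."""

@dataclass
class AgentBudget:
    max_steps: int
    max_tokens: int
    max_seconds: float
    approve: Callable[[str], bool]            # the review gate: human sees the exact command
    # Naive prefix heuristic (assumption); a real harness would classify tools, not strings.
    irreversible: Tuple[str, ...] = ("git push", "rm ", "DROP ", "sendmail", "curl -X POST")
    steps: int = 0
    tokens: int = 0
    started: float = field(default_factory=time.monotonic)
    log: List[str] = field(default_factory=list)

    def check_step(self, tokens_used: int) -> None:
        """Call once per agent turn; raises as soon as any cap is crossed."""
        self.steps += 1
        self.tokens += tokens_used
        if self.steps > self.max_steps:
            raise RunawayStopped(f"step cap {self.max_steps} exceeded")
        if self.tokens > self.max_tokens:
            raise RunawayStopped(f"token budget {self.max_tokens} exceeded")
        if time.monotonic() - self.started > self.max_seconds:
            raise RunawayStopped(f"runtime cap {self.max_seconds}s exceeded")

    def gate(self, action: str) -> bool:
        """Reversible actions run; irreversible ones run only with explicit approval."""
        if not action.startswith(self.irreversible):
            self.log.append(f"auto: {action}")
            return True
        if self.approve(action):
            self.log.append(f"approved: {action}")
            return True
        self.log.append(f"blocked: {action}")
        raise RunawayStopped(f"irreversible action blocked: {action}")

def run_scripted_agent(plan: List[str], budget: AgentBudget) -> List[str]:
    """Drive a scripted action list through the guard; a stop is logged as an incident."""
    try:
        for action in plan:
            budget.check_step(tokens_used=300)   # constructed per-turn usage
            budget.gate(action)
    except RunawayStopped as e:
        budget.log.append(f"INCIDENT: {e}")
    return budget.log
```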
Context Overrun
- What it means
- When you stuff so much into the context window that the AI forgets the important parts and starts inventing.
- Real-world example
- By turn 40 of one long session, the model has forgotten your hard rule about not touching /auth and quietly rewrites it.
- Security note
- Start fresh sessions for new tasks. Re-summarize hard constraints into the system prompt. Long sessions silently degrade safety.
Common questions from new builders.
Things people ask us when they are 30 days into shipping with AI for the first time.
Do I really need to write a spec before prompting?
Yes, even if the spec is three sentences in a scratch file. The AI cannot read your mind; it can only read the prompt. A short written spec forces you to decide what done looks like before you let the model commit to a direction. Specs also become free documentation for your future self and the security auditor who eventually asks why the change was made.
What is plan mode and why should I use it?
Plan mode is a setting in modern AI coding harnesses where the model proposes a step-by-step plan but does not touch any files. You read the plan, edit it, approve it, and only then does the AI begin to write code. Plan mode catches bad assumptions at the cheapest possible moment: before any code is generated, tested, or committed.
How do I review an AI diff fast without missing security holes?
Three passes. First pass: scan for new imports, new dependencies, and new external calls; each one is a new trust boundary. Second pass: read every line that touches authentication, authorization, or user input. Third pass: run the tests, then run the app yourself. If you skip any of the three, you are accepting unknown code into production.
What is the test-driven loop with AI?
You write a failing test that captures the behavior you want, then ask the AI to make the test pass. The test is the contract. The AI can take any path, but the result is verifiable. This pattern is much faster than asking the AI to write tests after the fact, because failing tests are an unambiguous signal of done.
How do I stop an agent from running away?
Set a hard step limit, a hard token budget, and a review gate before any irreversible action. Always run agents in a sandbox or under a non-root user. Log every command. If an agent ever sends mail, charges a card, deletes data, or pushes to production without a human approving the exact diff, treat that as a security incident.
Does my AI workflow need an audit trail for compliance?
If you handle Controlled Unclassified Information, protected health information, or payment card data, yes. CMMC, HIPAA, and PCI all require evidence of who changed what and why. An AI audit trail is a timestamped log of prompts, diffs, files changed, and the human who approved each gate. Most harnesses can dump it; few teams turn it on. We help clients wire that up cleanly.
What is context overrun and how do I prevent it?
Context overrun happens when you paste so many files and chat turns into a session that the model loses track of the actual goal and starts inventing plausible-sounding nonsense. Fix it by starting fresh sessions for new tasks, loading only the files relevant to the current step, and summarizing the plan into the system prompt instead of repeating it 20 turns deep.