Andrej Karpathy says AI-written code may be bloaty and brittle, arguing that human taste and oversight still matter—especially as vibe coding reshapes hiring and raises security risks.
Andrejs Karpathy, the former head of Tesla’s AI effort and an OpenAI founding figure, doesn’t sound impressed by the hype around AI-assisted development—at least not on the quality front.
His point came during a recent talk at Sequoia Capital. where he framed “vibe coding” as a style of software building that leans heavily on AI to write the code while humans do less of the day-to-day implementation.. The term itself has quickly escaped tech circles: it’s been widely shared in engineering communities. and it has become mainstream enough to earn dictionary recognition.
In Karpathy’s view. the bigger issue isn’t whether AI can generate working software—it’s whether that software is clean. maintainable. and thoughtfully designed.. When he described AI-written code as “bloaty” and prone to “awkward abstractions. ” he was warning that code can function while still being hard to reason about later.. Those shortcomings matter in businesses. where software isn’t a one-off deliverable; it’s an asset that must survive changing requirements. security reviews. and staff turnover.
He also argued that developers can’t fully outsource judgment.. Even if AI handles much of the “under the hood” work. he said humans still need to stay in charge of the aesthetics and taste of the system—plus a layer of oversight to catch problems early.. That framing suggests vibe coding is less like fully automating software engineering and more like adding an “intern” that never sleeps: fast. helpful. but requiring management.
That leadership role is showing up in how companies evaluate talent.. The vibe coding wave has influenced hiring conversations—some teams have begun rewarding the ability to direct AI tools effectively rather than writing every line manually.. Meanwhile. software stocks and startup funding have reflected the excitement. with investors backing platforms that promise to make building software simpler for both professionals and beginners.
Still, the market’s optimism collides with a practical reality: messy code isn’t just an aesthetic issue.. Poor structure can slow down debugging, inflate engineering time, and complicate compliance work.. In regulated industries, where audit trails and security controls aren’t optional, brittle systems can become expensive to fix.. In other words, “gross” code doesn’t just offend a developer’s sensibilities—it can quietly raise operational risk.
There’s also a security angle that’s increasingly hard to ignore.. Recent incidents tied to vibe coding tools have demonstrated that speed and convenience can create new failure points. especially around permissions and access controls.. When code generation tools also handle chat. sharing. or project collaboration features. one misconfiguration can expose data that was never intended to be public.
Lovable’s public explanation after detecting a security error shows the kind of reputational and user-trust pressure these platforms now face.. The company said it accidentally re-enabled access to chats on public projects during a backend permissions unification. then rolled back the change after feedback.. Even when fixes are fast. the episode underscores a broader issue: as AI coding tools become more central. governance must keep up.
For businesses deciding whether to adopt vibe coding workflows, the takeaway is straightforward.. AI can compress the time from idea to first working draft. but it doesn’t replace the need for review. testing discipline. and architecture decisions.. Teams that treat AI output as “production-ready” without verification risk turning early momentum into later rework.
The question now is how the industry will respond.. Some labs may focus on generating code that is not only correct. but also structured and maintainable—meaning fewer brittle abstractions. less bloat. and clearer patterns that engineers can extend.. If that progress arrives, vibe coding could mature from a novelty into a reliable production pipeline.. If it doesn’t. human-led oversight will remain the real differentiator. and the companies that build guardrails—not just copilots—are likely to stand out.