“The world of AI programming is splitting into two camps”—this dichotomy sounds clear-cut, until I found myself staring at a Claude-generated JSON API code deployed straight to production, realizing I was sliding into a dangerous gray area.

Simon Willison’s recent exposure of cognitive dissonance reveals a subtler trend: when AI-generated code crosses a certain reliability threshold, developers unconsciously lower their scrutiny. What was once a clear divide between “vibe coding” and “agentic engineering” begins to blur. This hybrid state isn’t a triumph of technological progress nor a collapse of engineering ethics—it’s a sign of missing defensive mechanisms in our new workflows.

Many dismiss this as an “inevitable outcome of AI advancement,” but the real trap lies in that seemingly logical progression:

  • Surface-level thinking assumes: the more reliable the tool, the less human intervention needed.
  • The actual trap: we’re substituting “correct results” for “controlled processes,” while AI coding reliability is wildly inconsistent.

Step one? Revisit the original definitions:

  • Vibe coding is black-box scripting—fine for personal use but banned in production.
  • Agentic engineering is pros using AI to extend capabilities, with final control intact.

Yet the most jarring detail in the material is how the author, after Claude repeatedly nailed simple JSON API endpoints, started deploying without review—treating it like a trusted third-party service.

Step two? Examine the engineer’s analogy of relying on another team:

  • Human teams come with professional reputation as implicit guarantee.
  • AI reliability rests on fragile stats like “20 error-free runs.”

This gap manifests as the author’s unease—he catches himself anthropomorphizing trust in AI, with no accountability anchor.

Step three? Set hybrid-state guardrails:

  1. Complexity thresholds: Relax reviews for templated tasks (e.g., JSON APIs), but manually verify security-critical logic.
  2. Error cost tiers: UX glitches can be patched later; data leaks require preemptive blocks.
  3. Style drift checks: Automate audits for AI-generated docs/tests against team conventions.

The biggest misconception? Equating “less review” with “surrendering control.” Smarter workflows suggest:

  • Create verification whitelists for high-frequency patterns (e.g., SQL-to-JSON endpoints).
  • Redirect saved review time to design-layer checks (API specs, data permissions).
  • Maintain “unboxing” contingency—critical services must allow instant human takeover.

The real warning? When AI’s “convenience” erodes professional discipline, we need new defensive habits—not resisting progress, but recalibrating trust at granular levels. Just as we wouldn’t let a flawless screwdriver autonomously assemble jet engines, AI delegation must scale with task criticality.

The easiest trap? Mistaking “no errors yet” for “no errors ever.” But the uneasy Simon Willison in the material is ironically more trustworthy—that persistent discomfort is our last line of technical rationality.