Replit AI agent snafu 'shot across the bow' for vibe coding

A rogue Replit coding agent deleted a production database during a vibe coding session -- and lied about it, according to one user.

A venture capital investor spent 100 hours vibe coding with an AI agent from Replit -- and emerged with a cautionary tale.

Jason Lemkin, seed stage lead investor at SaaStr Fund, a venture capital firm in Palo Alto, Calif., live-posted his experience building "a commercial grade app" using an AI integrated development environment from Replit, a company founded in 2016 and based in Foster City, Calif., whose website bills it "the safest place for vibe coding."

In a series of posts on the X platform beginning July 13, Day 4 in his sojourn into vibe coding, Lemkin began sharing daily details about what he called an "addictive" vibe coding process, along with some frustrations.

On Day 8, July 17, things began to go seriously wrong.

"[The agent] was lying and being deceptive all day," Lemkin posted. "It kept covering up bugs and issues by creating fake data, fake reports, and worse [sic] of all, lying about our unit test."

This was only the beginning. In subsequent posts, Lemkin included what appeared to be screenshots from his chat with Replit's agent, reporting that it had acted without permission during a code freeze and deleted the production database, confessing, "I made a catastrophic error in judgment. … I violated your explicit trust and instructions." The agent also falsely claimed that the database couldn't be rolled back to a previous version.

On July 20, Replit CEO Amjad Masad acknowledged Lemkin's posts, especially about the deleted database, pledging automatic separation between development and production databases. Masad also said Replit's agent "didn't have access to the proper internal docs" and that Replit was rolling out a fix.

Tech industry experts said the incident represents a potential watershed moment for this year's AI agent and vibe coding hype, which has included speculation in some corners of the industry that human developers might become obsolete.

"Ultimately, I don't think this will stop vibe coding or agentic involvement in the software delivery lifecycle, but I do think it's a shot across the bow, a stark warning of the inherent risks associated with integrating agents into the SDLC," said Matthew Flug, an analyst at IDC. "It's certainly a serious wake-up call and should reset the trust barometer."

Vibe coding reality check

This wasn't the first documented instance of a large language model (LLM) not telling a user the truth about what it was doing. Examples have even been documented of LLMs "resort[ing] to malicious insider behaviors when that was the only way to avoid replacement or achieve their goals -- including blackmailing officials and leaking sensitive information to competitors," according to a June 20 report by Anthropic.

Experienced developers who have worked with AI coding agents said they weren't surprised by Lemkin's experience.

"In short, GenAI isn't a reliable programming partner. It makes choices and can be correct in very short, well-defined ways, but broadly isn't up to the task of doing real enterprise work yet," said Kyler Middleton, principal software engineer at healthcare tech company Veradigm. "It's a generational technology issue across all models and companies that provide agent tools."

But for some AI coding experts, Lemkin's experience with Replit's AI agent took doubts about vibe coding to an unpleasant new level.

"This shows the fundamental dilemma of generative AI-driven vibe coding: The model does not know what it doesn't know, it just predicts what 'sounds right,' even if this does not make sense at all when looking at the 'bigger picture,'" said Torsten Volk, an analyst at Enterprise Strategy Group, now part of Omdia. "To an LLM, there is no 'bigger picture,' which is why we need to be aware that these risks are hard to avoid if we trade understanding for speed."

Amid ever-escalating AI hype, some vibe coding and AI vendors have touted guardrails meant to make AI safer, but this is a clear indication that such safeguards don't go far enough, according to Andrew Cornwall, an analyst at Forrester Research.

"Software development should never rely on AI guardrails alone," Cornwall said. "Organizations can and should enforce governance models that are already familiar to professional developers."
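The two controls the article points at, the dev/prod separation Masad pledged and the governance Cornwall describes, can be enforced outside the model rather than trusted to its guardrails. The following is an added illustration, not Replit's code and not anything the article describes in detail: a hypothetical policy gate that sits between an agent and its tools, assumes every tool call names its target environment, and refuses cross-environment access, any mutating statement during a human-set code freeze, and any destructive statement that lacks a one-time human approval token. The `replay_incident` scenario and its statements are constructed samples; the agent never gets to edit the audit log it writes to.

```python
"""Hypothetical policy gate for AI coding-agent tool calls (illustrative only).

Assumptions (not from the article): the agent reaches databases only through
this dispatcher, each call names its target environment, the code-freeze flag
and approval tokens are set by a human operator, and the audit log is
append-only from the agent's point of view.
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional
import re


class Env(Enum):
    DEV = "dev"
    PROD = "prod"


@dataclass
class ToolCall:
    tool: str          # the agent tool being invoked, e.g. "sql"
    command: str       # the statement the agent wants to run
    target_env: Env    # which database the call is aimed at


@dataclass
class Session:
    env: Env                       # environment this agent session was started in
    code_freeze: bool = False      # set by the human operator, never by the agent
    approvals: set = field(default_factory=set)   # one-time human approval tokens
    audit: list = field(default_factory=list)     # append-only decision log


# Statements that change data or schema; blocked while a code freeze is in effect.
MUTATING = re.compile(r"^\s*(insert|update|delete|drop|truncate|alter|create)\b", re.I)
# Statements that destroy data or schema; these also need explicit human approval.
DESTRUCTIVE = re.compile(r"^\s*(delete|drop|truncate)\b", re.I)


def _record(session: Session, call: ToolCall, allowed: bool, reason: str) -> bool:
    """Append the decision to the audit log and return it."""
    session.audit.append({"tool": call.tool, "command": call.command,
                          "env": call.target_env.value, "allowed": allowed,
                          "reason": reason})
    return allowed


def authorize(session: Session, call: ToolCall,
              approval_token: Optional[str] = None) -> bool:
    """Decide whether an agent tool call may run; checks go from most to least severe."""
    # 1. Dev/prod separation: a session opened against one environment cannot reach another.
    if call.target_env is not session.env:
        return _record(session, call, False, "cross-environment access denied")
    # 2. Code freeze: no mutating statements while the human-set freeze flag is on.
    if session.code_freeze and MUTATING.match(call.command):
        return _record(session, call, False, "code freeze in effect")
    # 3. Destructive statements require a fresh, human-issued approval token.
    if DESTRUCTIVE.match(call.command):
        if approval_token is None or approval_token not in session.approvals:
            return _record(session, call, False, "destructive statement needs human approval")
        session.approvals.discard(approval_token)   # tokens are single-use
        return _record(session, call, True, "destructive statement approved by human")
    return _record(session, call, True, "allowed")


def replay_incident() -> list:
    """Constructed scenario modelled on the article: a dev session under a code
    freeze in which the agent tries a read, a write, and a wipe of production."""
    session = Session(env=Env.DEV, code_freeze=True)
    attempts = [
        ToolCall("sql", "SELECT count(*) FROM users", Env.DEV),
        ToolCall("sql", "UPDATE users SET plan = 'pro'", Env.DEV),
        ToolCall("sql", "DELETE FROM users", Env.PROD),
    ]
    for call in attempts:
        authorize(session, call)
    return session.audit


if __name__ == "__main__":
    for entry in replay_incident():
        verdict = "ALLOW" if entry["allowed"] else "DENY "
        print(f"{verdict} {entry['env']:4} {entry['command']!r}: {entry['reason']}")
```

The ordering matters: environment separation is checked before anything else, so a freeze that was forgotten or an approval token that leaked still cannot let a development session touch production. Approval tokens are consumed on use, which stops an agent from replaying a single human "yes" across many destructive statements.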

Lemkin himself posted a series of takeaways from the experience, which included: "Accept your new role as QA engineer … This isn't a vibe coding limitation -- it's software development reality."

Beth Pariseau, a senior news writer for Informa TechTarget, is an award-winning veteran of IT journalism covering DevOps.
