Writing

Field notes from auditing AI-built software.

Short, useful, opinionated. Mostly about the boring problems — auth, deploys, backups, money — that bite teams a month after launch.

Featured · non technical founder

What Non-Technical Founders Should Do After Building an MVP with AI

You shipped an AI-built MVP. Now what? A business-first guide for non-technical founders: audit, risk triage, roadmap, and ongoing support.

2026 · 05 · 08

You shipped an AI-built MVP. Now what? A business-first guide for non-technical founders: audit, risk triage, roadmap, and ongoing support.

Read the post →
2026 · 05 · 07
rewrite ai app

When to Rewrite AI-Generated Code Instead of Fixing It

A decision framework for AI-built apps: harden in place, refactor a subsystem, or rebuild. How to tell which one your codebase actually needs.

Read →
2026 · 05 · 06
ai app security checklist

Security Checklist for AI-Built Apps

A practical security checklist for AI-built apps: auth, data, secrets, dependencies, logs, and backups. Specific items, not vague principles.

Read →
2026 · 05 · 05
vibe coding

The Production Risks of Vibe Coding

Vibe coding is a real way to ship software now. It is also a specific set of failure modes when those apps meet real users. Here is where they break.

Read →
2026 · 05 · 04
ai code audit

Why Your AI-Generated Code Needs an Audit Before Launch

AI prototypes ship fast, but security, auth, deployment, and data handling still need a senior review before launch. Here is what an audit actually catches.

Read →
2026 · 05 · 02
Incident review

The five most common ways an AI-built app gets popped in its first week.

Composite incident review from four real audits. The bugs are not changed.

Read →