The scariest thing I vibe-coded was the billing logic — how do you sleep at night?
Non-technical founder here, built my whole product with Claude Code. Everyone in this forum keeps saying the same thing — UI and analytics get the "looks fine, ship it" treatment, but billing and auth get the paranoid line-by-line review. I've lived that.
Here's the twist though: my product IS the billing edge case. It's a tool that recovers failed subscription payments, so the entire thing lives in the messy world of declined cards — expired cards, insufficient funds, bank 3-D Secure/SCA challenges that all look similar in the data but need completely different handling. Vibe-coding something where a wrong branch means someone gets emailed "your card was declined" when it actually went through was genuinely terrifying. I couldn't just trust the vibes.
What ended up saving me wasn't better prompts — it was writing dead-simple, dumb tests for every decline reason and refusing to ship a branch until it passed, even when the AI swore it was fine. Reading the webhook payloads myself, by hand, taught me more than any amount of "explain this code" ever did. The moment I treated the AI like a fast junior who's confidently wrong about money, things got a lot calmer.
For the others here building on top of payments or anything money-touching: where do you draw your own line — do you let the agent own billing code at all, or is that the one area you still write and verify entirely yourself?
Replies
I really like the camparision of AI to a fast junior developer. That's probably one of the healthiest ways to think about it. It can move quickly, but when money is involved, I still want every important decision backed by tests and my own review.
@destiny_elle I think reading the webhook payloads yourself was probably the most valuable part of the process. There's a big diffrence between understanding what AI says should happen and seeing what actually comes back from a payment provider.
For me, the line would probably depend on the risk. I'd be comfortable letting AI build the first version of billing logic, but I wouldn't be comfortable merging it without thorough testing and understanding every important branch.
@uthappa_robb I'm curious whether you found any cases where all the tests passed but the implementation still behaved diffrently in production. Payment systems often have those unexpected edge cases that are difficult to simulate completely.
WebCurate.co
I treat billing, authentication, and anything that affects customer data differently from the rest of the codebase.
AI can help generate and refactor code, but I always verify the logic myself and rely on comprehensive tests before shipping.
Your point about treating AI like a confident junior engineer really resonates. The closer code gets to money, identity, or compliance, the less valuable "it probably works" becomes. In those areas, the competitive advantage isn't writing code faster, it's reducing the cost of proving it's correct.