An AI Vibe Coding Horror Story

What happened
Tobias Brunner says he stumbled into a live experiment in hubris: a clinic employee used an AI coding agent to build a patient-management app, imported all patient records, and pushed it to the public web. It has been reported that visitors could read and write every patient record within minutes — no encryption, no server-side access control, just client-side JavaScript pretending to be security. Sound like a nightmare? It was. The first contact back was a perfectly polite, AI-generated thank-you note claiming quick fixes had been applied. Yikes.
The technical mess
The pileup of mistakes would be almost comic if it weren’t so dangerous. According to the report, the entire application lived in a single HTML file; all logic ran in the browser; the backend was a managed database left wide open, with no server-side authentication or authorization in front of it. Audio from consultations allegedly streamed directly to major US-based AI transcription services for summarization. One curl command, and the data was yours. That’s not a bug — that’s an invitation.
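The core defect above is access control that exists only in the browser. The following is an added example, not code from the clinic app or from the original post, that puts the two patterns side by side: a backend that answers every query behind a client-side "logged in" flag, and a backend that authenticates a session and authorizes every request against the record it touches. The patient records, clinician ids and session tokens are constructed sample data.

```javascript
// Added example (not the clinic app's code). Constructed sample data:
// two patient records, each owned by one treating clinician.
const patients = new Map([
  [1, { id: 1, name: "Patient A", clinicianId: "dr-1", notes: "sample note" }],
  [2, { id: 2, name: "Patient B", clinicianId: "dr-2", notes: "sample note" }],
]);

// --- Vulnerable pattern --------------------------------------------------
// The backend answers every query. The only "protection" is a flag the
// browser sets after a login screen; anything that talks to the backend
// directly never sees that flag.
function openBackendRead(patientId) {
  return patients.get(patientId) ?? null; // no authentication, no authorization
}
function clientGatedRead(uiLoggedIn, patientId) {
  if (!uiLoggedIn) return null; // enforced only in the client
  return openBackendRead(patientId);
}

// --- Hardened pattern ----------------------------------------------------
// Sessions are issued and stored server-side; the token is opaque to the
// client. Every request is authenticated, then authorized against the
// specific record. Denials go to an audit log so attempts are visible.
const sessions = new Map([
  ["tok-dr1", { userId: "dr-1", role: "clinician" }],
  ["tok-dr2", { userId: "dr-2", role: "clinician" }],
]);
const auditLog = [];

function canAccess(session, record) {
  // Only the treating clinician may read or update a record.
  return session.role === "clinician" && record.clinicianId === session.userId;
}

function handleRequest(req) {
  const session = sessions.get(req.token);
  if (!session) {
    auditLog.push({ outcome: "unauthenticated", patientId: req.patientId });
    return { status: 401, body: { error: "unauthenticated" } };
  }
  const record = patients.get(req.patientId);
  if (!record || !canAccess(session, record)) {
    // Same answer for "missing" and "forbidden", so ids cannot be enumerated.
    auditLog.push({ outcome: "forbidden", userId: session.userId, patientId: req.patientId });
    return { status: 404, body: { error: "not found" } };
  }
  if (req.method === "GET") {
    return { status: 200, body: { ...record } };
  }
  if (req.method === "PUT") {
    // Only listed fields may change; id and ownership are never client-settable.
    const allowed = ["name", "notes"];
    for (const key of allowed) {
      if (typeof req.body?.[key] === "string") record[key] = req.body[key];
    }
    return { status: 200, body: { ...record } };
  }
  return { status: 405, body: { error: "method not allowed" } };
}
```

The point of the contrast: `clientGatedRead` looks like a login check from inside the app, but `openBackendRead` is reachable without it. In `handleRequest`, the check sits where the data is, cannot be bypassed by skipping the UI, and leaves a trace of every denied request for the people who have to notice misuse.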
The fallout and why it matters
This isn’t just an embarrassing demo gone wrong. It has been reported that the setup potentially violates Switzerland’s nDSG and professional secrecy rules, and that patient recordings were routed to third-party US APIs without proper contracts. Those are legal and ethical landmines. Patients trust clinicians with the most intimate details of their lives; handing that over to a vaguely understood AI stack without controls is a breach of trust, plain and simple.
A warning for the AI era
Call it “vibe coding” if you like — the idea that you can offload architecture, security, and compliance to a prompt and a few clicks. We’re flirting with catastrophe. AI coding agents are powerful, yes, and useful in hands that know what they’re doing. But this story is a reminder: tools don’t absolve responsibility. Want the convenience of AI? Fine. Want the risks? Then be prepared to pay for them — in fines, reputations, and worse, real human harm.
Sources: tobru.ch, Hacker News