Follow us
© CoinPaprika 2026 Last updated: 2026-04-20 22:36:59 UTC

Vibe coding: build with AI agents instead of writing every line

By Mateusz Sroka

13 Mar 2026 (about 1 month ago)

8 min read

AI Agents & Large Language Models

Share:

What vibe coding is, when it works vs fails, security risks from real studies, and how MCP connects vibe-coded apps to live crypto data through DexPaprika.

Vibe coding: build with AI agents instead of writing every line

Vibe coding: build with AI agents instead of writing every line

Vibe coding is a software development practice where you describe what you want in natural language and let an AI write the code, accepting the result without reading or fully understanding it. Coined by Andrej Karpathy in February 2025, the term captures a loop: describe, generate, accept, run, paste errors back in.

Within a year, "vibe coding" went from a throwaway tweet to Collins Dictionary's Word of the Year for 2025. By the 2025 Stack Overflow survey, 84% of developers were using AI tools in their workflow and 51% used them daily. This isn't a niche practice anymore.

Karpathy's original description is still the best one: "I just see stuff, say stuff, run stuff, and copy paste stuff, and it mostly works." You talk to the AI. It writes code. You run it. If it breaks, you paste the error back in. You never open the file to read what it actually wrote. The code "grows beyond my usual comprehension," as he put it, and that's fine because it's a weekend project.

This is fundamentally different from AI-assisted coding, where a developer uses Copilot suggestions but still reviews every line. Vibe coding means giving up that control entirely. You're the product director, not the engineer. Simon Willison drew the clearest line: "Not all AI-assisted programming is vibe coding." The distinguishing feature is accepting code you don't understand.

How vibe coding works

The workflow is a five-step loop that keeps repeating until you're done:

  1. Describe what you want ("build a dashboard showing top Ethereum pools by volume")
  2. Generate the AI writes the full code
  3. Accept All without reading the diff
  4. Run the app and observe what happens
  5. Paste errors back if something breaks, with no additional context

No architecture planning, no code review, no manual debugging. Karpathy used Cursor with Claude Sonnet and SuperWhisper for voice input, so he barely touched the keyboard. In practice, a session looks like this: you say "add a login form to the sidebar," the AI rewrites three files, you click Accept All, refresh the browser, see the form, and say "make the button blue." Fifteen exchanges later you have a working app and no idea what's in the codebase.

The tools that make this possible have exploded in the past year. Cursor hit $2 billion+ in annualized revenue by March 2026, the fastest B2B SaaS to $1 billion ever. GitHub Copilot has 20 million users and 42% market share among paid AI coding tools. Claude Code runs as a CLI agent that reads your codebase, writes code, runs tests, and even submits PRs autonomously. It scored 72.5% on SWE-bench, which measures real-world software engineering tasks.

For people who aren't developers at all, tools like Lovable ($100 million ARR in 8 months), Bolt.new, Replit Agent, and v0 generate entire applications from a prompt. 25% of Y Combinator's Winter 2025 batch had codebases that were 95%+ AI-generated. Microsoft CEO Satya Nadella said up to 30% of Microsoft's own code is now AI-written. These numbers were unthinkable two years ago.

ToolTypeBest forScale
CursorAI code editorDevelopers vibe coding in existing codebases$2B+ ARR, 1M+ paying users
Claude CodeCLI agentComplex multi-file tasks, terminal workflowsSWE-bench 72.5%
GitHub CopilotIDE extensionInline suggestions + agent mode20M users, 42% market share
LovableApp builderNon-developers building full apps$100M ARR in 8 months
v0 (Vercel)UI generatorFrontend components from natural languageProduction-ready React/Next.js

When vibe coding works (and when it doesn't)

I want to be direct about this because the hype consistently gets ahead of the evidence.

Vibe coding is genuinely great for prototypes, weekend projects, internal tools, and MVPs. Pieter Levels built a multiplayer flight simulator with Cursor and Grok 3, hit $1 million ARR within 17 days. He's an experienced developer, but the speed was pure vibe coding: prompt, accept, ship. Non-developer Paulius Masalskas used the same approach to build CreatorHunter, a creator analytics tool that generated $30,000 in revenue. These aren't toy demos. They're real products making real money from people who couldn't have built them this fast before.

But production systems are a different story. The research is stacking up, and it's not all good news:

StudyFindingSource
METR (July 2025)Experienced developers 19% slower with AI on 246 real tasks16 open-source devs, repos avg 22K+ stars
CodeRabbit (Dec 2025)AI code has 1.7x more major issues, 2.74x more security vulns470 GitHub PRs analyzed
Georgetown CSET45% of AI-generated code contains OWASP Top 10 vulnerabilityVeracode corroborates
Lovable incident (May 2025)170 of 1,645 vibe-coded apps exposed user dataPersonal data accessible to anyone

The METR finding is the most counterintuitive. Those developers thought they were 24% faster. They were actually 19% slower. The perception gap alone should give you pause.

Works wellFails or creates risk
Throwaway weekend projectsProduction systems with real users
Prototyping and MVPsSecurity-sensitive applications
UI/frontend componentsCode that needs long-term maintenance
Internal tools and demosComplex systems requiring architecture
Non-developers validating ideasLarge codebases with existing history

Karpathy himself backed away from pure vibe coding by late 2025, acknowledging the need for "more oversight and scrutiny." The consensus I've seen settle is: vibe code to explore, then switch to disciplined AI-assisted development for anything that faces real users.

Vibe coding with live data: how MCP connects everything

Here's what I think separates vibe-coded toys from vibe-coded tools that actually do something: connecting them to live data through MCP.

Without MCP, a vibe-coded app gets mock data or hardcoded values. You end up with a beautiful dashboard showing fake numbers. With MCP, you say "show me the top 10 Ethereum pools by volume" and the AI pulls current data because it has a direct connection to the source. The app works with actual market data from the first run.

I set up DexPaprika's MCP server in Cursor to test this. Two lines of config: 

// .cursor/mcp.json
{
  "mcpServers": {
    "dexpaprika": {
      "url": "https://mcp.dexpaprika.com/streamable-http"
    }
  }
}

Then I started prompting:

  • "Build me a dashboard showing the top 10 Ethereum DEX pools sorted by 24h volume" — the AI picked the getNetworkPools tool, passed order_by: volume_usd, and generated a working React table with real pool data.
  • "Add a price tracker for WETH, USDC, and SOL with auto-refresh" — it used getTokenDetails for each, set up a polling interval, and displayed live prices.
  • "Show me pools created in the last 24 hours with more than $100K volume" — it chained getNetworkPoolsFilter with the right parameters and rendered a sortable list.

The AI reads the MCP server's 14 typed tools, picks the right one, and generates working code that calls the API correctly. No API key. No registration. No documentation to read. That zero-friction model matches the vibe coding philosophy perfectly.

For Claude Code, the same data is available via the marketplace plugin. For centralized exchange data, CoinPaprika's MCP server adds 23 free tools covering 2,500+ cryptocurrencies. DexPaprika also publishes skill files that teach the AI about endpoint quirks and field naming conventions, so it doesn't trip over the API. The agents.dexpaprika.com hub ties all the integration paths together, and the docs include a dedicated vibe coding tutorial.

If you want to go deeper and build your own MCP server to connect custom data, our guide to building your first MCP server walks through the process.

Vibe coding: frequently asked questions

Q: Is vibe coding real programming?

A: It produces real software that runs and serves users. Whether it's "programming" depends on your definition. Karpathy called it "not really coding." Collins Dictionary named it Word of the Year. Wikipedia categorizes it as a software development practice. What's clear is that it produces working products, sometimes generating millions in revenue, from people who never wrote a line of code themselves.

Q: Can I build a production app by vibe coding?

A: You can build the first version fast. Getting it to production quality requires more oversight. Georgetown CSET found 45% of AI-generated code has security vulnerabilities, and CodeRabbit's analysis showed 2.74x more security issues in AI-authored code. The practical approach: vibe code the MVP to validate the idea, then bring in engineering discipline for what you actually ship to users.

Q: What's the best tool for vibe coding?

A: Cursor ($2B+ ARR, the tool Karpathy named) if you're a developer working in an existing codebase. Lovable or Bolt.new if you're a non-developer building from scratch. Claude Code if you prefer terminal workflows and need strong multi-file editing. GitHub Copilot if you want the largest ecosystem with 20 million users and agent mode.

Q: Does vibe coding make developers obsolete?

A: No. It changes who can build software (more people) and how fast prototypes happen (much faster). But the METR study found experienced developers were actually slower with AI on complex real-world tasks. Production software still needs engineering judgment for architecture, security, and long-term maintainability. Vibe coding is a new tool, not a replacement for expertise.

Q: How does the Model Context Protocol (MCP) improve vibe coding?

A:MCP gives vibe-coded apps access to live data through a standardized interface. Without it, you get mock data or hardcoded values. With MCP servers like DexPaprika's (27 million+ tokens, 33 blockchains, free), you describe "show me ETH pool data" and the AI fetches current market data. The app works with real information from the first run.

Q: Is vibe coding safe?

A: For prototypes and internal tools, the risk is manageable. For user-facing applications, it carries real security risk. Georgetown CSET found 45% of AI code contains OWASP vulnerabilities. In May 2025, 170 of 1,645 Lovable-built apps exposed user personal data publicly. Use vibe coding for exploration and validation, not for anything handling sensitive data without a security review.

What to remember about vibe coding

Key takeaways

  • Vibe coding is the fastest way to go from idea to working prototype. But the METR finding that experienced developers were actually slower on complex tasks means it's not universally faster. Know when to vibe and when to engineer.
  • The security numbers can't be ignored: 45% OWASP vulnerability rate, 2.74x more security issues than human code, real incidents with real user data exposed. If you're vibe coding anything that touches user data, get a security review before deploying.
  • MCP is what turns vibe coding from mock-data demos into applications that do real work. Connecting to live data sources like DexPaprika for DEX data and CoinPaprika for exchange data gives vibe-coded apps the same data access as production systems.
  • For the protocol that makes these data connections possible, see our guide on what is MCP. For how AI agents use the tools MCP provides, see what is tool use. To build your own MCP server, see our practical guide.

Related articles

Latest articles

Coinpaprika education

Discover practical guides, definitions, and deep dives to grow your crypto knowledge.

Cryptocurrencies are highly volatile and involve significant risk. You may lose part or all of your investment.

All information on Coinpaprika is provided for informational purposes only and does not constitute financial or investment advice. Always conduct your own research (DYOR) and consult a qualified financial advisor before making investment decisions.

Coinpaprika is not liable for any losses resulting from the use of this information.

Go back to Education