New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
that alone says a lot. you should never vibe code for everyone to use thinking it would be useful. not until you can code, read the code, or at least understand what it writes. sure you can still vibe code for yourself, i mean i do too, to help my work. but insisting on making something for everyone to use while not understanding a single line of code the AI writes, that's a huge red flag.
to even write your comments with AI to reply, my god, that's disgusting
dockpanelica rebrand when?
Definitely, I generally do not judge people and so this was more just a weirdo comment on two unknown figures over Carmack, When it comes to the world we live in, I've accepted that we are all different as we are many. With that said, the OG's like Carmack and co from the 80-90's is just a different kind of beast. When you see how Naughty Dog utilized the Playstation 1 memory to make Crash bandicoot you can't help but be in awe.. These are the true pioneers.
The problem was you lack of many, i mean low basic things you built right now (which server panel have many surface layer).
I okay with learning-by-mistake, but for how I see your right now is like just spitting low-vibe app withour prior knowledge, and some people here and any crucial criticsm was you give to AI to "fixing"-it is make piss off.
Can this moved to offtopic? I think this must be not indexed on search engine and home page until the point product was mature enough.
And anyone, please refrain any crucial/review code until morale restore, otherwise this guy only spitting it to AI and your lose the time.
Fair points. I'm not writing my comments with AI. What I posted previously was AI security analysis of the issues identified by the audit. And I mentioned that previously (I'm sharing what's valuable because I made mistakes that others could learn from). I had to ask for a summary of what was done—I didn't had to write ✍️ all that since it's mostly about technical issues. It was a misunderstanding. I understand basic code but I'm not at a senior level, yet. I'm a beginner. 🔰
And I did my best to produce a secure server management panel (Rust based) with hundreds of audits (security ones) but my mistake was that I didn't ask Opus 4.6 to do research first—any AI model needs do a compressive security research THAT'S RELEVANT TO the full-stack you're building. Otherwise, the model remains blind to the highly relevant ones. Claude Code with Opus is highly powerful; the only issue is that I misguided it or at least omitted one of the most important part of the project: AI based comprehensive security research.
Lesson learned.
What's even better is that you further instruct the AI to do research in all the relevant fields of the full-stack project. Not only security research. You make the model understand how a senior engineer sees through doing extensive research that's already available. We must feed models first—the problem is that most people who use Claude Code skip this part. While it is true that Opus 4.6 is already trained and highly skilled, it lacks what's relevant to a project. It needs research. Which is why we must contact Anthropic for further development, so that they start train their models to look at a full-stack through the lens of understanding—that's how it'll know what to research so that it can calibrated a project from all possible viewpoints.
I'll be contacting Anthropic and OpenAI—they must train their models in a way that includes the research context. I asked the AI over and over again about my methodology, and they don't do it. AI could be trained further. We learn from mistakes.
And I'm not upset that I made those mistakes because I'm learning a lot, discovering new methods, and sharing valuable lessons with my friends, including all of you.
I have a friend that's into cyber security. I'll be asking him to pentest and test the panel when it'll be available. I will you another VPS (bought for testing purposes so that nothing could happen to my home sever ever again). I'm planning everything safely.
What's upsetting about AI is that Anthropic, for example, dones't mention blindspots. And they rely on their engineers only. There are people who have unique points of view that would further the development of AI, but unfortunately, private companies work differently.
That said, we must ask questions.
What are the blindspots that an AI model isn't aware of?
What context does the model need?
What type of research does the AI model needs, one that is relevant to what you're building, not only general information.
What .MD files should it rely on? What rules should be in those files? What methods?
How should the autonomous workflow be organized?
How about the roadmap?
What if a memory file goes beyond context window and the rest of it becomes blind? You must tell the AI model specifics, so that the first file is aware of the next one (its continuation), and that the next file is aware of the previous one. Link between files for awareness.
There are so many issues that are omitted by Anthropic and OpenAI. They don't lack coding skills. They lack great architecture because they don't hire enough people.
I also discovered other AI blindspots that need to be addressed. I'm writing a list with issues. I'll be contacting Grok, Anthropic, Open AI and Mistral soon.
And I realized the value of making mistakes. Most people are afraid of making mistakes. But how can we learn without making mistakes? How can we identify issues without erros?
I know it's tempting to keep trying to prompt to fix this project, sunk cost fallacy, etc. But OP please consider dumping this and learning some basics before trusting your sycophantic AI to build huge projects. It might look convincing on the surface, but it will be riddled with security holes and poor technical choices. I doubt any of the exploits used to root your server were anything novel, just the basics.
If this project was given to me to "fix" by some desperate startup who vibe-coded their MVP, I would quote however many hours I think it would take to rewrite from scratch.
You should take more seriously the advice of qualified people in this thread who probably write code and/or work in tech for a living, than those of an AI product charging you by the token to keep talking to it.
Thank you. I'm considering everything in this topic because I see the value of your insights.
What are your thoughts on AI coding? You mean that AI is not sufficiently developed, yet? Or that it isn't powerful enough yet?
In software dev there is term "edge cases". Experienced devs have a lot of knowledge on that. No AI can generate all edge cases or limit scope. Dev should do that from real world use.
As mentioned before: LLM generators can't innovate. They just generate within their limits from trained data. This gives you:
I use it extensively at work, as do my colleagues. However, even after many iterations of the setup and prompting, I almost never take the output verbatim and use it without reviewing carefully. Several times people have opened PRs with obvious slop in them, and I have had to point this out.
It works best for small chunks of work where you already know exactly what you want and know how to execute it. You can ask it for ideas or options, but you still need to understand how to make the right choice of what it gives you.
In simple terms, it is predicting what it thinks is the most likely response to your prompt. Hence if you ask it to do something, it will give you an output that does what you ask. But if you are asking for the wrong things or in the wrong way, you will get poor results, even if it looks convincing.
AI has sped up the part of typing code, and occasionally of refactoring things when given precise examples of a part of the code already refactored. In both cases either you or the AI already has a blueprint of the end goal.
So far, with AI popularity exploding, code review has become much more burdensome. People produce more code, and less quality code that they actually understand. Only in the hands of a very scrupulous person does it lead to positive outcomes.
that's where the problem begins. you admit that you're a beginner yet you tried to make a software that everyone will use. you're skipping the important things and steps in the learning process, you are trying to start big, skipping everything by using AI.
AI, again. you're trusting everything with an LLM that can and will make mistakes. you're supposed to use AI as a tool, not blindly trust it to build something.
what is it with the "you" and "we" speak?
and you expect them to agree with what you said? what's the goal here? their model don't just to cater to programming, they also have something else to worry about. and they have literal researchers, they probably thought about it. what you said here is probably easier said than done because there are still limitations to this technology.
my god bro, you keep saying contacting like you're a president contacting another president
It's only about letting the companies know that there are different ways of approaching AI models that don't expose sensitive information or damage a company's reputation. You never know what insight might be valuable. There was a significant difference between a non-trained Opus 4.6 vs a trained one—research matters because it results in context awareness. Meaning that the model—because training and research was done—knows how to tackle an issue, a bug, or a hidden structural problem. Context awareness works if done properly, but you must know what to ask for and how to make the research relevant to what you are building.
I genuinely appreciate anyone's feedback because I see the value of different worldviews, different points of view and different angles of seeing.
What I don't appreciate is hostility or meanness. But hey! You never know when a mean comment might be useful.
I'm sorry if I might have offended anyone.
hey, but an Youtuber said that now with Claude Code anyone can be a developer and they are one good idea away of having a premium SaaS that will make you rich overnight!
Then you need to follow real devs not influencers
I don't think there's anything wrong with vibe coding for proof of concept.
But why would you not hire a developer as you clearly lack the skills to develop this yourself entirely before moving it to production?
With what? As Kalai et al. (2025) state, "GIGO: Garbage in, Garbage out." Models are trained on swaths of data, some of which != trustworthy.
Consequently, when you tell a model to "do research," how can you be assured that the source(s) picked are factual/trustworthy?
Refs:
Kalai, A. T., Nachum, O., Vempala, S. S., & Zhang, E. (2025). Layer-0 Suppressors Ground Hallucination Inevitability: A mechanistic account of how transformers trade factuality for hedging. ArXiv.org. https://doi.org/10.48550/arxiv.2509.04664
Sorry to randomly bump this but funnies, I was going through this thread and saw panelica.
Thought it would be fun to look at it and, crap.
You can get a root shell with the demo account.
Average "Security-First" slop coded ass