Somewhere on an HN thread I saw someone claiming that they "solved" security problems in their vibe-coded app by adding a "security expert" agent to their workflow.

All I could think was, "good luck" and I certainly hope their app never processes anything important...