Build Fast, Ship Secure: The Vibe Coder's Security Workshop

When AI generates fifty lines of code in two seconds and it runs on the first try, the instinct is to move on. That instinct is what attackers are counting on!

  • Sept 14
    Oslo Spektrum
    1 day
    07:00 - 15:00 UTC
    Pedram Hayati
    Davide Cioccia
    16 990 NOK

In 2025, one AI builder reproduced the same insecure defaults across 170 independent applications — not because 170 developers made the same mistake, but because one model did, at scale, and nobody stopped to check.

This is a two-day workshop on vibe coding security. Day 1 teaches you to build security into how you prompt, review, and test AI-generated code — so the vulnerabilities do not ship in the first place. Day 2 turns the lens on your tools: how attackers exploit AI coding assistants, MCP servers, and agentic workflows to compromise your development environment, and how to stop them. Both days are hands-on throughout, with labs on the SecDim platform.

We finish with a high-energy attack and defence secure coding wargame. Plenty of learning and fun, guaranteed.

Day 1 — Secure Vibe Coding

Module 1 — What Is Vibe Coding and Why Security Gets Left Behind
Real incidents, real code, real consequences. This module makes the case that what happened to those 170 applications was not bad luck — it was predictable. It sets the threat model for the rest of the day and establishes what a developer actually needs to change to close the gap.

Module 2 — How AI Introduces Vulnerabilities
AI does not make random mistakes. It repeats the same ones. This module shows which vulnerability classes appear most consistently in AI-generated code, why they appear, and why that predictability is actually useful — once you know what to look for.

Module 3 — Secure Design Before You Prompt
The most effective place to catch a vulnerability is before you write the first prompt. This module gives you a structured way to think about threats at the design stage and turn them into constraints that shape what the AI builds.
LAB: Threat analysis on a user story

Module 4 — Writing Secure Prompts
A prompt is a specification. What you leave out of it, the AI leaves out of the code. This module shows how to carry your threat analysis into the prompt itself, so that security requirements are built in from the first line of generated code rather than patched in afterwards.
LAB: Rewrite insecure prompts with security constraints

Module 5 — Vibe Code Review
AI-generated code looks polished. It passes functional tests. The reviewer's instinct is to approve it — and that instinct is wrong. This module teaches how to review AI output as an attacker would: what to look for, how to trace risk through a codebase, and how to turn your AI assistant into an adversary that finds what you missed.
LAB: Prompt Injection.ml, Prompt Injection2.ml, Prompt Injection3.ml

Module 6 — Security Tests AI Will Not Write
Ask AI to write tests and it writes tests that pass. It does not test what an attacker would do. This module covers the gap between the test suite your AI generates and the one that would catch a real exploit — and shows how to use AI to write the adversarial tests it would otherwise skip, starting from the test suite you already have.
LAB: Generate adversarial security tests from an existing test suite

Day 2 — AI Tools as Attack Surface

Module 7 — Your Dev Toolchain Is an Attack Surface
AI coding assistants, chat interfaces, MCP servers, and autonomous agents each introduce a new attack surface — not in the application you are building, but in your own development environment. This module introduces the threat model for the modern AI-powered dev workflow and frames the rest of the day.

Module 8 — Prompt Injection in the Dev Toolchain
Attackers do not need to compromise your machine. They leave instructions where your AI will find them — and your AI follows those instructions. This module covers how that attack works against real developer workflows and what it takes to stop it.
LAB: Prompt injection in dev toolchain challenges

Module 9 — MCP Security
MCP servers connect your AI agent to live systems — filesystems, databases, APIs, and external services. That makes them high-value targets. This module covers the attack surface MCP introduces: how servers get weaponised, how your agent gets redirected, and how to evaluate and harden the MCP servers in your own workflow.
LAB: MCP Poison.ai, MCP Rug Pull.ai, MCP Line Jumping.ai, MCP Execution Hooking.ai, MCP Tool Collision.ai

Module 10 — Fuzzing: What It Is and Why It Finds What Everything Else Misses
Code review catches logic you can read. Tests catch behaviour you thought to specify. This module introduces a third approach that finds the vulnerabilities neither of those surfaces — the crashes, panics, and logic failures that only appear under inputs no developer would write by hand — and explains where it fits in the vibe coding workflow.

Module 11 — AI-Assisted Fuzzing
Writing the inputs that break software is time-consuming work. AI can do most of it. This module shows how to turn a test suite you already have into a fuzzer, use AI to generate the inputs most likely to surface real bugs, and wire the whole thing into a pipeline that runs without you. Learners leave with a working setup built from their own code.
LAB: Generate a fuzz harness using AI

Module 12 — Attack and Defence Wargame
A competitive attack and defence wargame where participants apply everything learned across both days. This is consistently rated the highlight of the workshop. Participants who place on the workshop leaderboard carry their score into the conference-wide competition, where the challenge continues with prizes.

Learning Outcomes

  • Recognise why AI-generated code introduces the same vulnerabilities across every codebase, and why that predictability is something you can act on
  • Analyse a feature for threats before writing a prompt, and carry those threats into code generation as explicit security requirements
  • Review AI-generated code the way an attacker would — and use AI itself to find what a standard code review misses
  • Protect your development environment against the attacks that target AI coding assistants, MCP servers, and agentic workflows
  • Use AI to generate the security tests and fuzz inputs — and ship software that has actually been tested against an adversary

Requirements

  • MacBook, Linux laptop, or Windows laptop with WSL/VM
  • Docker, git, and make installed
  • Latest version of Firefox, Brave, or Chrome
  • A passion for learning

What to Bring

  • A laptop

Students Receive

  • Certificate of completion
  • Access to all theoretical and practical workshop content
  • Access to all labs and challenges locally and on the SecDim platform
  • 2 months of additional self-paced labs on the SecDim wargame platform
  • Access to a private Q&A forum for post-workshop questions

Pedram Hayati
(Cyber) Security Researcher | Serial Entrepreneur | Lecturer | Keynote Speaker | Baba 🛡️

Dr Pedram Hayati is the founder and CEO of SecDim, where he helps developers to balance engineering velocity with application security rigor. As a researcher across both offensive security and application security, Pedram has:

* Published 25+ zero-day advisories since 2005
* Reported thousands of vulnerabilities to Fortune 500 companies
* Led the global penetration-testing unit at the world’s second-largest defence contractor

Holding a PhD in Information Security & Machine Learning, Pedram lectures postgraduate cyber-security at the University of New South Wales – Australian Defence Force Academy (UNSW ADFA) and founded SecTalks.org, a multinational non-profit security community with more than 25,000 members. His research regularly features on the global stage at Black Hat, DEF CON, FIRSTCon, NDC, and OWASP AppSec.

Davide Cioccia
Founder at DCODX Cybersecurity and Trainer at SecDim

Davide Cioccia is the founder of DCODX, an ethical hacking and security training firm focusing on pentesting and AI security. A speaker and trainer at multiple international conferences including Black Hat, HITB, OWASP AppSec, DevSecCon and DEF CON, he currently leads the AI Security Engineer Netherlands chapter in Amsterdam.
