AI Built with `useEffect` for Data Fetching (It Shouldn’t)
AI-generated React code often uses `useEffect` for data fetching — a pattern that causes race conditions, stale data, and duplicate network requests.
Assumption Gaps
The assumptions AI tools make silently — and the prompts and checklists that surface them before they cost you a week.
AI-generated React code often uses `useEffect` for data fetching — a pattern that causes race conditions, stale data, and duplicate network requests.
The Supabase `service_role` key bypasses all RLS. If it appears in frontend code, any user can extract it and access your entire database.
Adding authentication to an app after the data layer is built usually means retrofitting user ownership into every table, query, and RLS policy from scratch.
AI tools scaffold UI instantly, but without a planned schema first, every data change requires rework cascading through the whole app.
AI tools generate realistic-looking fake data during development. When that data isn’t scrubbed before launch, real users can see fabricated names, emails, or records.
Agent wrote PG syntax despite SQLite project.
Generated SQL without ENABLE ROW LEVEL SECURITY.
Defaults to react-router-dom on TanStack Start.
Suggests child_process or fs on Workers.
Build completes but page shows fixtures.
Generates vercel.json on a Cloudflare project.
Generates tailwind.config.js even though v4 uses CSS @theme.
When you say add auth the model assumes Supabase.
Client-side role check trivially bypassed.
Adds auth.uid() lookups to landing-page server fns.