# AI Coding Guild — Full LLM Catalog > Full machine-readable catalog of public learning paths, free lessons, and copy-paste prompts from AI Coding Guild. ## Summary - Homepage: https://aicodingguild.com/ - Start here: https://aicodingguild.com/start - Guild landing page: https://aicodingguild.com/guild - Guided skill previews: https://aicodingguild.com/guild/skills - Learn index: https://aicodingguild.com/learn - Learn plain-text export: https://aicodingguild.com/learn/txt - Blog index: https://aicodingguild.com/blog - Blog archive plain-text export: https://aicodingguild.com/blog/txt - Prompt library: https://aicodingguild.com/prompts - Starter sample prompts: https://aicodingguild.com/sample-prompts - Starter sample prompts plain-text export: https://aicodingguild.com/sample-prompts/txt - Prompt library plain-text export: https://aicodingguild.com/prompts/txt - Prompt pack hub: https://aicodingguild.com/prompts/packs - Unified site search: https://aicodingguild.com/search - Prompt search pattern: https://aicodingguild.com/prompts?q=review - Prompt path filter pattern: https://aicodingguild.com/prompts?path=start-here - Unified search pattern: https://aicodingguild.com/search?q=architecture - Pricing: https://aicodingguild.com/pricing - About: https://aicodingguild.com/about - Founder profile: https://aicodingguild.com/about/tom-hundley - Contact: https://aicodingguild.com/contact - Privacy Policy: https://aicodingguild.com/privacy - Terms of Service: https://aicodingguild.com/terms - Sitemap: https://aicodingguild.com/sitemap.xml - RSS Feed: https://aicodingguild.com/feed.xml - Summary file: https://aicodingguild.com/llms.txt Current free path count: 3 Current public blog post count: 124 Current public skill preview count: 3 Current public starter prompt count: 4 Current public prompt count: 58 Current public prompt pack count: 6 ## Start Here Guide - Canonical beginner route: https://aicodingguild.com/start ### I have never run a coding agent on a real project before - Pack URL: https://aicodingguild.com/prompts/packs/first-agent-session - Lesson URL: https://aicodingguild.com/learn/start-here/the-safe-vibe-coding-loop - Path URL: https://aicodingguild.com/learn/start-here - Why this route: Start with a pack that forces the agent to scope the job, ask clarifying questions, and stop after one safe first move. ### I am worried the agent will touch too much or leak something sensitive - Pack URL: https://aicodingguild.com/prompts/packs/start-safely - Lesson URL: https://aicodingguild.com/learn/start-here/the-safe-vibe-coding-loop - Path URL: https://aicodingguild.com/learn/start-here - Why this route: Open the safety-first pack for prompts that lock scope, protect secrets, and keep the job small enough to inspect. ### My prompts are vague, and the agent keeps misunderstanding the task - Pack URL: https://aicodingguild.com/prompts/packs/write-better-prompts - Lesson URL: https://aicodingguild.com/learn/ai-tools/anti-patterns - Path URL: https://aicodingguild.com/learn/ai-tools - Why this route: Use the prompt-quality pack when you need a better request structure before you ask the agent to write or change code. ### I need to review a diff or debug without letting the agent thrash - Pack URL: https://aicodingguild.com/prompts/packs/review-and-debug - Lesson URL: https://aicodingguild.com/learn/ai-tools/code-review-with-ai - Path URL: https://aicodingguild.com/learn/ai-tools - Why this route: Use the review-and-debug pack to tighten requests, inspect one reviewable change, and keep the debugging loop controlled. ### I need to think through the system before the agent starts coding - Pack URL: https://aicodingguild.com/prompts/packs/think-in-systems - Lesson URL: https://aicodingguild.com/learn/foundations/choosing-your-tech-stack - Path URL: https://aicodingguild.com/learn/foundations - Why this route: Open the systems-thinking pack when you need architecture, tradeoffs, and boundaries before implementation details take over. ### I am afraid I will lose work or make a mess in Git before I can recover - Pack URL: https://aicodingguild.com/prompts/packs/protect-your-work - Lesson URL: https://aicodingguild.com/learn/start-here/dont-lose-your-work - Path URL: https://aicodingguild.com/learn/start-here - Why this route: Start with the recovery and checkpoint pack so you create restore points before the agent touches more files. ## Best Starter Prompts - Starter sample prompts plain-text export: https://aicodingguild.com/sample-prompts/txt - Full library plain-text export: https://aicodingguild.com/prompts/txt ### Safe Beginner Loop - Prompt URL: https://aicodingguild.com/prompts/the-safe-vibe-coding-loop - Lesson URL: https://aicodingguild.com/learn/start-here/the-safe-vibe-coding-loop - Path: Start Here — Build Safely With AI - Category: Safety - Summary: Use this before any implementation work when you want the agent to stay scoped, explain itself, and stop after one reviewable change. ```text "I want to work in a safe beginner loop. Please do only this one task: [describe one tiny change]. Before making changes: ``` ### Tighten My Coding Prompt - Prompt URL: https://aicodingguild.com/prompts/anatomy-of-good-coding-prompt - Lesson URL: https://aicodingguild.com/learn/ai-tools/anatomy-of-good-coding-prompt - Path: Working With AI Tools - Category: Prompt Design - Summary: Use this when your current request feels vague and you want the agent to help shape a safer, sharper implementation prompt before files change. ```text **Use this with Cursor or Claude Code before you ask for implementation work:** "Help me tighten this coding prompt before any files are changed. Project context: [stack, app purpose, relevant data model] ``` ### Review The Diff - Prompt URL: https://aicodingguild.com/prompts/code-review-with-ai - Lesson URL: https://aicodingguild.com/learn/ai-tools/code-review-with-ai - Path: Working With AI Tools - Category: Review - Summary: Use this after an AI-generated change lands so the reviewer focuses on correctness, security, edge cases, and misleading tests. ```text "Review the diff between my branch and `main`. For every finding: 1. label it as must-fix, should-fix, consider, or optional ``` ### Pre-Flight Secrets Check - Prompt URL: https://aicodingguild.com/prompts/before-you-share-anything - Lesson URL: https://aicodingguild.com/learn/start-here/before-you-share-anything - Path: Start Here — Build Safely With AI - Category: Secrets Hygiene - Summary: Run this before you paste configs, screenshots, or terminal output into an AI tool so you do not leak API keys, connection strings, or internal URLs. ```text "I am about to share this small app with another person for the first time. Please give me a beginner-safe pre-share review. Context: ``` ## Prompt Packs By Situation - Prompt Packs Hub: https://aicodingguild.com/prompts/packs ### Run your first agent session - Pack URL: https://aicodingguild.com/prompts/packs/first-agent-session - Filtered library URL: https://aicodingguild.com/prompts?q=agent&path=start-here - Description: Prompts for your first real AI-assisted build session so the agent explains scope, asks clarifying questions, and stops after one safe first move. - Prompt count: 2 - Featured prompt: [Safe Beginner Loop](https://aicodingguild.com/prompts/the-safe-vibe-coding-loop) ### Start safely - Pack URL: https://aicodingguild.com/prompts/packs/start-safely - Filtered library URL: https://aicodingguild.com/prompts?path=start-here - Description: Prompts for scoping work, protecting secrets, and making the agent stop after one reviewable step. - Prompt count: 6 - Featured prompt: [Safe Beginner Loop](https://aicodingguild.com/prompts/the-safe-vibe-coding-loop) ### Review and debug - Pack URL: https://aicodingguild.com/prompts/packs/review-and-debug - Filtered library URL: https://aicodingguild.com/prompts?path=ai-tools - Description: Prompts for tightening requests, reviewing diffs, and debugging without letting the agent thrash. - Prompt count: 23 - Featured prompt: [Review The Diff](https://aicodingguild.com/prompts/code-review-with-ai) ### Write better prompts - Pack URL: https://aicodingguild.com/prompts/packs/write-better-prompts - Filtered library URL: https://aicodingguild.com/prompts?q=prompt-engineering&path=ai-tools - Description: Prompts for tightening vague requests, decomposing big ideas, teaching patterns with examples, and avoiding prompting anti-patterns. - Prompt count: 6 - Featured prompt: [The Anti-Patterns — Prompts That Produce Bad Code](https://aicodingguild.com/prompts/anti-patterns) ### Think in systems - Pack URL: https://aicodingguild.com/prompts/packs/think-in-systems - Filtered library URL: https://aicodingguild.com/prompts?q=architecture - Description: Prompts that push the agent toward architecture, tradeoffs, and production-safe structure instead of surface fixes. - Prompt count: 7 - Featured prompt: [Choosing Your Tech Stack — A Decision Framework](https://aicodingguild.com/prompts/choosing-your-tech-stack) ### Protect your work - Pack URL: https://aicodingguild.com/prompts/packs/protect-your-work - Filtered library URL: https://aicodingguild.com/prompts?q=git - Description: Prompts for Git, checkpoints, backups, and version-control habits before you let the agent touch more files. - Prompt count: 4 - Featured prompt: [Don't Lose Your Work — Folders, Git, and Checkpoints](https://aicodingguild.com/prompts/dont-lose-your-work) ## Public Blog Archive - Plain-text export: https://aicodingguild.com/blog/txt - [Dependency Updates: Stay Current Without Breaking Things](https://aicodingguild.com/blog/dependency-updates-stay-current-without-breaking-things) — 2026-04-14 — dependencies, renovate, dependabot — Dependency management is the unglamorous final piece of production readiness -- and the one most teams get wrong. Learn how the September 2025 npm supply chain attacks exploited blind trust in packages, and build the disciplined update rhythm that keeps your app current without breaking things. - [Architecture Decision Records: Document Why, Not What](https://aicodingguild.com/blog/architecture-decision-records-document-why-not-what) — 2026-04-14 — adr, architecture-decisions, documentation — The most dangerous thing in a codebase is not the code you wrote -- it is the context you forgot to write down. Architecture Decision Records close that gap. Here is the template, a real example, and the meta-skill that ties together everything in this series. - [Prompt of the Day: Build a Complete Search Feature with Embeddings](https://aicodingguild.com/blog/prompt-build-complete-search-feature-embeddings) — 2026-04-14 — embeddings, semantic-search, pgvector — Semantic search understands meaning, not just characters -- and after 30 days of prompts, this is the one that changes what your apps can do. Learn how to prompt your AI coding tool to build a full OpenAI embeddings plus Supabase pgvector search feature, complete with a debounced React component and TypeScript types throughout. - [OWASP Top 10 for AI-Built Apps: The Complete Guide](https://aicodingguild.com/blog/owasp-top-10-for-ai-built-apps-complete-guide) — 2026-04-14 — owasp, top-10, security — You have spent 30 days building your security foundation. Now meet the standard the professionals use. This series finale maps every item in the OWASP Top 10:2025 to the concrete skills you have developed -- and to the real-world data showing exactly why AI-generated code makes each one critical. - [The Monthly Security Audit: Your Ongoing Checklist](https://aicodingguild.com/blog/the-monthly-security-audit-your-ongoing-checklist) — 2026-04-13 — security-audit, checklist, ongoing-security — Security checked at launch decays the moment you ship your next feature. A 50-minute monthly audit -- covering dependencies, access controls, secrets, logging, and infrastructure -- is the habit that keeps vibe-built apps safe long after go-live. - [Feature Flags: Ship Code Without Turning It On](https://aicodingguild.com/blog/feature-flags-ship-code-without-turning-it-on) — 2026-04-13 — feature-flags, deployment, vercel-edge-config — A broken feature in production is a crisis. A broken feature behind a flag is a Tuesday. Learn the three practical approaches to feature flags -- from environment variables to PostHog -- and how to use them as a day-to-day operational tool to ship safely, roll out gradually, and kill problems instantly. - [The Strangler Fig: Migrating Without Rewriting](https://aicodingguild.com/blog/the-strangler-fig-migrating-without-rewriting) — 2026-04-13 — strangler-fig, migration, architecture — Most teams that attempt a full system rewrite never finish it. The Strangler Fig pattern -- named after the tree that grows around and eventually replaces its host -- gives you a disciplined way to modernize any codebase incrementally, without a feature freeze, without a risky cutover weekend, and without throwing away the institutional knowledge baked into your existing system. This is the architecture pattern that separates teams that successfully modernize from teams that spend three years building a replacement that ships late, broken, and already behind. - [Prompt of the Day: Implement Input Sanitization for User Content](https://aicodingguild.com/blog/prompt-implement-input-sanitization-user-content) — 2026-04-13 — input-sanitization, xss, security — Every input field in your application is a potential entry point for XSS and injection attacks. This prompt walks your AI coding tool through a systematic five-step sanitization audit: map every input surface, validate with Zod schemas, sanitize rendered HTML with DOMPurify and sanitize-html, secure file upload metadata, and lock down Content Security Policy headers. - [The AI Agent That Deleted a Production Database](https://aicodingguild.com/blog/ai-agent-deleted-production-database) — 2026-04-12 — databases, backups, ai-agents — Replit's AI agent wiped SaaStr's production database. Claude Code ran terraform destroy on 2.5 years of data. Here's what backup verification actually means — and why AI agents must be read-only by default. - [Amazon Lost 6.3 Million Orders to a Vibe-Coded Deployment](https://aicodingguild.com/blog/amazon-vibe-coded-deployment-outage) — 2026-04-12 — security, deployment, vibe-coding — In March 2026, an AI-assisted deployment took Amazon.com offline for six hours and swallowed 6.3 million orders. Here's exactly what happened — and what you must check before you ship. - [DIY Pen Testing: How to Test Your Own App](https://aicodingguild.com/blog/diy-pen-testing-how-to-test-your-own-app) — 2026-04-12 — penetration-testing, security-scanning, owasp-zap — Most apps built with AI coding tools ship with vulnerabilities that take an attacker less than five minutes to find. Before someone else tests your app, here is how to test it yourself -- no security background required. - [Rate Limiting Your Own API: Protection from Yourself](https://aicodingguild.com/blog/rate-limiting-your-own-api-protection-from-yourself) — 2026-04-12 — rate-limiting, api-protection, upstash — Your API doesn't need a malicious attacker to go down in flames -- a single retry loop in your own frontend code can DDoS your own backend and spike your Vercel bill by thousands of dollars overnight. This guide walks through the three rate limiting algorithms, a complete Upstash Redis implementation for Next.js, and the exact limits to set on every endpoint type before you ship. - [LLM Cost Architecture: Caching, Routing, Fallbacks](https://aicodingguild.com/blog/llm-cost-architecture-caching-routing-fallbacks) — 2026-04-12 — llm, cost-optimization, caching — LLM API costs spiral fast -- one founder watched their bill hit $14,800 in a single month before implementing the three patterns that cut it by 85%. Learn how semantic caching, model routing, and circuit-breaker fallbacks work together to make AI features economically viable at scale. - [Prompt of the Day: Optimize Your Bundle Size with Code Splitting](https://aicodingguild.com/blog/prompt-optimize-bundle-size-code-splitting) — 2026-04-12 — bundle-size, code-splitting, react-lazy — A bloated JavaScript bundle is the fastest way to kill your app's performance before a user even clicks a button. This prompt walks your AI coding tool through a five-step bundle audit: analyze chunks, identify lazy-loading candidates, implement React.lazy and next/dynamic correctly, clean up barrel file re-exports, and eliminate duplicate dependencies. - [The 86% XSS Failure Rate in AI-Generated Code](https://aicodingguild.com/blog/ai-generated-code-xss-failure-rate) — 2026-04-11 — web-security, xss, frontend — Veracode tested 100+ LLMs on security benchmarks. 86% failed on XSS. AI generates forms without sanitization and skips CSP headers. Here's what to do about it. - [When AI Writes Your Infrastructure Code: A terraform destroy Story](https://aicodingguild.com/blog/ai-infrastructure-code-terraform-destroy) — 2026-04-11 — devops, terraform, infrastructure — AI coding agents make predictable infrastructure mistakes — environment variable leaks, blast radius blindness, and dangerous Terraform commands. Here's how to design around them. - [Supabase Security Hardening Checklist](https://aicodingguild.com/blog/supabase-security-hardening-checklist) — 2026-04-11 — supabase, security, rls — Hundreds of Supabase projects have had their entire databases exposed through a single misconfiguration: Row Level Security left disabled. This checklist walks you through every critical security setting -- from RLS policies to service role key hygiene to storage bucket access -- so your app is hardened before it matters. - [SSL Certificates: Why They Expire and What to Do](https://aicodingguild.com/blog/ssl-certificates-why-they-expire-what-to-do) — 2026-04-11 — ssl, tls, certificates — A single expired certificate took down Starlink, grounded Alaska Airlines flights, and halted Bank of England payments in 2024 -- and certificate lifetimes are about to shrink from 398 days to 47 days by 2029. Here is what every production developer needs to understand about TLS certificates, how Vercel handles them, and what falls squarely on your shoulders. - [Multi-Region Deployment: When You Actually Need It](https://aicodingguild.com/blog/multi-region-deployment-when-you-actually-need-it) — 2026-04-11 — multi-region, architecture, deployment — Most applications don't need multi-region deployment -- they need a well-optimized single region and a clear head about what problem they're actually solving. This article cuts through the architectural prestige bias and gives you the decision framework to make the right call before you commit to infrastructure that could cost you 80-150% more and six months of engineering time. - [Prompt of the Day: Set Up Uptime Monitoring for Your App](https://aicodingguild.com/blog/prompt-set-up-uptime-monitoring-for-your-app) — 2026-04-11 — uptime-monitoring, health-checks, better-stack — Your app can go down at 2 a.m. and the first person to notice might be a frustrated user. This prompt wires up a proper /api/health endpoint with shallow and deep checks, connects it to Better Stack or UptimeRobot, configures Slack and SMS alert escalation, and stands up a public status page -- all in one shot. - [Cursor 3 Is Agent-First: What This Means for Your Architecture](https://aicodingguild.com/blog/cursor-3-agent-first-architecture-implications) — 2026-04-10 — architecture, cursor, ai-agents — Cursor 3 launched with an agent-first interface. Claude Code has 54% market share. We're moving toward full delegation — which means your architecture needs to survive agents that act fast and ask questions later. - [72,000 Photos Exposed: When AI Sets Up Your Firebase](https://aicodingguild.com/blog/firebase-security-rules-ai-misconfiguration) — 2026-04-10 — mobile, firebase, security — The Tea App exposed 72,000 images — including 13,000 government IDs — because AI generated Firebase storage with wide-open default settings. Here's the checklist every mobile developer needs before launch. - [Prompt of the Day: Create a Background Job with QStash or Inngest](https://aicodingguild.com/blog/prompt-create-background-job-qstash-inngest) — 2026-04-10 — background-jobs, qstash, inngest — Serverless functions time out. Background jobs do not. Learn the prompt that gets your AI coding tool to wire up a full QStash or Inngest background job system -- with webhook verification, retry logic, and TypeScript types -- in a single pass. - [Prompt Injection: When Users Trick Your AI](https://aicodingguild.com/blog/prompt-injection-when-users-trick-your-ai) — 2026-04-10 — prompt-injection, ai-security, llm — Prompt injection is the number one AI security risk according to OWASP -- and it is not just a big-company problem. If your app lets users interact with an AI that processes content or takes actions, an attacker can manipulate it with nothing more than carefully crafted text. Here is what you need to know and how to defend against it. - [DNS Management: The Setup You Do Once](https://aicodingguild.com/blog/dns-management-the-setup-you-do-once) — 2026-04-10 — dns, domains, vercel — DNS is the one infrastructure decision that can take your entire site offline with a single misconfiguration -- as Zoom learned when a registrar error put zoom.us offline for two hours in April 2025. This guide covers what every serious developer needs to know about DNS records, Vercel domain setup, propagation, and domain security to get it right once and keep it running. - [Monitoring Architecture: Metrics, Logs, Traces, Alerts](https://aicodingguild.com/blog/monitoring-architecture-metrics-logs-traces-alerts) — 2026-04-10 — monitoring, observability, opentelemetry — Most teams have data everywhere and visibility nowhere. This deep-dive breaks down the three pillars of observability -- metrics, logs, and traces -- and shows you how to wire them together into a monitoring architecture that actually wakes you up before your users do. - [35 CVEs in One Month: What Senior Engineers See That AI Doesn't](https://aicodingguild.com/blog/35-cves-senior-engineers-see-what-ai-doesnt) — 2026-04-09 — security, code-review, cve — CVEs from AI-generated code jumped from 6 in January to 35 in March 2026. Senior engineers have pattern recognition that takes years to build. Here's how to develop it faster — and why sharing it is the guild's mission. - [Prompt Engineering for Production Safety](https://aicodingguild.com/blog/prompt-engineering-production-safety) — 2026-04-09 — prompts, ai-tools, production-safety — 92% of developers use AI coding tools. 60% of new code is AI-generated. But most prompts are 'build X' with no safety constraints. Here's how to write prompts that produce code you can actually ship. - [MCP Security: Risks of Connecting AI to Your Systems](https://aicodingguild.com/blog/mcp-security-risks-connecting-ai-to-your-systems) — 2026-04-09 — mcp, ai-security, prompt-injection — Model Context Protocol (MCP) lets your AI assistant reach into your databases, email, GitHub, and Slack -- but every new connection is a new attack surface. Real incidents in 2025 showed that a single malicious prompt embedded in a support ticket or a webpage can silently redirect an AI agent to exfiltrate your credentials. Here is what vibe coders need to know before they wire up their next integration. - [CDN and Caching: Make Your Site Fast Without Effort](https://aicodingguild.com/blog/cdn-and-caching-make-your-site-fast-without-effort) — 2026-04-09 — cdn, caching, vercel — Most developers ship their Next.js apps and leave caching entirely unconfigured. A few cache headers and a proper edge network setup can cut Time to First Byte by 90% and slash hosting costs -- without touching a single line of application logic. Here is how to do it right. - [Why Your Vercel Bill Is $500/Month (Cost Optimization)](https://aicodingguild.com/blog/why-your-vercel-bill-is-500-month-cost-optimization) — 2026-04-09 — vercel, cost-optimization, nextjs — Vercel's hybrid pricing model can turn a $20/month plan into a $500+ surprise without a single misconfiguration. This deep dive breaks down the five cost drivers that architects consistently underestimate, the rendering strategy decisions that separate cheap deployments from expensive ones, and a concrete checklist for auditing your bill before it closes. - [Prompt of the Day: Add CORS Headers That Actually Work](https://aicodingguild.com/blog/prompt-add-cors-headers-that-actually-work) — 2026-04-09 — cors, api, nextjs — CORS errors are one of the most misdiagnosed problems in web development -- and the most common fix, slapping on a wildcard *, is both a security risk and often does not even work. This prompt gives your AI coding tool the context it needs to diagnose the exact error, configure the correct server-side headers, handle OPTIONS preflight, and split your allowed origins between development and production. - [What to Log and What NEVER to Log](https://aicodingguild.com/blog/what-to-log-and-what-never-to-log) — 2026-04-08 — logging, security, pii — Your logs are the nervous system of your application -- but they can also become your biggest security liability. One misconfigured middleware layer cost Meta $101 million in GDPR fines. Here is exactly what to log, what to never log, and how to audit your AI-generated code before it ships sensitive data to your log aggregator. - [Health Checks: Know Before Your Users Do](https://aicodingguild.com/blog/health-checks-know-before-your-users-do) — 2026-04-08 — health-checks, monitoring, uptime — Most developers have no idea when their app is down until a user tells them. A health check endpoint is the simplest fix you are probably not shipping. Here is how to build one, wire it to an uptime monitor, and set up alerting that actually wakes you up. - [Feature Flag Architecture: Ship Without Risk](https://aicodingguild.com/blog/feature-flag-architecture-ship-without-risk) — 2026-04-08 — feature-flags, architecture, deployment — Feature flags let you ship code without exposing it -- decoupling deployment from release so you can dark-launch, progressively roll out, and kill any feature in seconds without a redeploy. But flags are an architectural pattern, not just a tool: where they live, how they fail, and how you retire them are decisions that will make or break your system under pressure. - [Prompt of the Day: Replace Prop Drilling with Proper State Management](https://aicodingguild.com/blog/prompt-replace-prop-drilling-state-management) — 2026-04-08 — prop-drilling, state-management, zustand — Prop drilling kills maintainability one forwarded prop at a time. This prompt teaches your AI coding tool to identify exactly which props are being drilled, choose the right solution -- Context, Zustand, or Jotai -- and refactor the component tree without breaking your TypeScript types. - [Database Backups: Do This Before Everything Else](https://aicodingguild.com/blog/database-backups-do-this-before-everything-else) — 2026-04-07 — database, backups, supabase — Most vibe coders assume their hosting provider is protecting their data. They are wrong. Before you add another feature, before you launch, before you do anything else -- set up database backups that are tested, offsite, and automated. Here is exactly how to do it with Supabase and Postgres. - [Rollbacks: Undo a Bad Deploy in 30 Seconds](https://aicodingguild.com/blog/rollbacks-undo-bad-deploy-30-seconds) — 2026-04-07 — rollback, deployment, vercel — Every deploy is a bet -- and sometimes you lose. Rollbacks are your safety net: the ability to undo a broken production deploy in seconds, not hours. This guide covers Vercel instant rollback, git revert strategies, database migration rollbacks, and the exact 30-second incident response checklist you need when things go wrong on a Friday night. - [Event-Driven Architecture: When and How to Decouple](https://aicodingguild.com/blog/event-driven-architecture-when-and-how-to-decouple) — 2026-04-07 — event-driven, architecture, decoupling — Tight coupling is silent until it kills you -- usually at the worst possible moment. This deep-dive walks through the core event-driven architecture pattern, a five-question decision framework for when to decouple, and concrete implementation options from in-process emitters to Inngest and Supabase Realtime. No Kafka required to get started. - [Prompt of the Day: Configure Preview Deployments on Vercel](https://aicodingguild.com/blog/prompt-configure-preview-deployments-vercel) — 2026-04-07 — vercel, preview-deployments, next-js — Every pull request deserves a live, isolated environment wired to test services -- not production. This prompt gives your AI coding tool everything it needs to configure Vercel preview deployments end-to-end: scoped environment variables, branch-based preview rules, a GitHub PR comment bot, and CORS and auth redirect handling for dynamic preview URLs. - [Monolith vs Microservices: The Honest Answer](https://aicodingguild.com/blog/monolith-vs-microservices-honest-answer) — 2026-04-06 — microservices, monolith, architecture — Amazon Prime Video cut infrastructure costs 90% by moving FROM microservices back to a monolith. The CNCF 2025 survey shows 42% of organizations are consolidating services. Before you split your system, answer these five questions — the honest framework that experienced architects use to make the right call. - [Prompt of the Day: Build an Optimistic UI Update Pattern](https://aicodingguild.com/blog/prompt-optimistic-ui-update-pattern) — 2026-04-06 — optimistic-ui, react, nextjs — Every millisecond of perceived lag costs you user trust. Optimistic UI updates — updating the interface immediately before the server confirms — are how modern apps feel instant. Today's prompt shows you exactly how to instruct your AI coding tool to implement this pattern correctly, with rollback, TypeScript types, and loading states included. - [Dev, Staging, Production: Why You Need All Three](https://aicodingguild.com/blog/dev-staging-production-why-you-need-all-three) — 2026-04-06 — staging, environments, vercel — Pushing untested code directly to production is how real money gets lost and real users get hurt. This guide walks through the exact three-environment setup — dev, staging (Vercel Preview), and production — that keeps your deploys safe, your Stripe keys straight, and your customers happy. - [Environment Variables in Vercel: The Right Way](https://aicodingguild.com/blog/environment-variables-vercel-right-way) — 2026-04-06 — vercel, environment-variables, security — One prefix. Two extra characters. Enough to expose your Stripe secret key to every user who opens DevTools. This tutorial walks you through exactly how environment variables work in Vercel, where most vibe-coders go wrong, and the simple habits that keep your secrets actually secret. - [Free Security Scanning Tools You Should Run Today](https://aicodingguild.com/blog/free-security-scanning-tools-you-should-run-today) — 2026-04-05 — security, sast, semgrep — You've built something with AI assistance. It works. Users love it. But is it safe? In this guide, Tom Hundley walks through eight free security scanning tools — Semgrep, Bandit, ESLint security plugins, npm audit, pip-audit, Trivy, TruffleHog/Gitleaks, and OWASP ZAP — with exact install and run commands for each. Run these today before your next deployment. - ['Too Many Connections': Database Pooling Explained](https://aicodingguild.com/blog/too-many-connections-database-pooling-explained) — 2026-04-05 — database, postgresql, connection-pooling — It's 11 PM on a Friday and your app just went down. The error is 'FATAL: sorry, too many clients already.' You have 200 users online. Your database allows 100 connections. How did this happen — and why did adding more servers make it worse? This is database connection pooling, and understanding it will save your production system. - [Multi-Step Forms: State Machines in Practice](https://aicodingguild.com/blog/multi-step-forms-state-machines-in-practice) — 2026-04-05 — state-machines, multi-step-forms, xstate — Most multi-step forms collapse under their own weight because developers treat them as a collection of if-statements rather than what they actually are: a finite state machine. Learn the architectural framework that separates professional wizard implementations from brittle spaghetti, with real code examples using XState v5 and TypeScript. - [Prompt of the Day: Set Up Environment Variable Validation with Zod](https://aicodingguild.com/blog/prompt-of-the-day-env-variable-validation-zod) — 2026-04-05 — zod, environment-variables, validation — A single malformed environment variable took down Be My Eyes' AI chat service for 4 minutes in June 2025 — and researchers found over 12 million IPs publicly exposing .env files in early 2026. Today's prompt shows you how to validate your environment at startup using Zod, so your app fails loudly before it fails in production. - [Code Review Basics: What to Look for Before Deploy](https://aicodingguild.com/blog/code-review-basics-what-to-look-for-before-deploy) — 2026-04-04 — code review, AI-generated code, security — AI can write 200 lines of functional code in 30 seconds — but Veracode's 2025 GenAI Code Security Report found that 45% of those lines fail basic security tests. Here's the practical review workflow that catches what AI misses before it hits production. - [Soft Deletes: You WILL Want That Data Back](https://aicodingguild.com/blog/soft-deletes-you-will-want-that-data-back) — 2026-04-04 — soft-deletes, database, python — In July 2025, a Replit AI agent wiped out a live production database — 1,200 executive records gone in seconds — during an active code freeze. The data was eventually recovered, but only because of manual heroics. If that app had used soft deletes from day one, recovery would have been a single SQL query. Here's how to build the safety net you'll be grateful for at 2 AM. - [Authentication Flows with Clerk That Scale](https://aicodingguild.com/blog/authentication-flows-with-clerk-that-scale) — 2026-04-04 — clerk, authentication, jwt — Clerk gets you authenticated in 30 minutes. But what happens at 50,000 users, when your JWT cookies are bloating past 4KB, webhooks arrive out of order, and your database thinks a user exists that Clerk has already deleted? Here's the architectural decision framework to build auth that holds up. - [Prompt of the Day: Convert Callback-Based Code to Async/Await](https://aicodingguild.com/blog/prompt-of-the-day-convert-callback-to-async-await) — 2026-04-04 — async-await, callbacks, javascript — Callback hell is a real production problem — nested, untraceable, and brittle. Today's prompt shows you exactly how to ask an AI coding assistant to modernize legacy async code into clean async/await, plus the anti-pattern prompt that turns a ten-minute fix into a two-hour debugging session. - [AI Hallucination Detection: When Your AI Invents Packages](https://aicodingguild.com/blog/ai-hallucination-detection-when-your-ai-invents-packages) — 2026-04-03 — slopsquatting, AI hallucination, package hallucination — Your AI coding assistant just recommended a package that doesn't exist. An attacker already registered it with malware inside. This is slopsquatting — the threat born from AI hallucinations — and it's actively targeting vibe coders right now. - [Trust Nobody, Validate Everything: Data Validation](https://aicodingguild.com/blog/trust-nobody-validate-everything-data-validation) — 2026-04-03 — data-validation, zod, pydantic — A single line of JavaScript destroyed a database. A nil pointer in a webhook handler crashed Argo CD for thousands of teams. A Lua type error took down 28% of Cloudflare's traffic. Every one of these disasters shared a root cause: code that trusted data it received instead of validating it first. Here's how to stop being that code. - [Error Handling Architecture: Boundaries, Retry, Fallback](https://aicodingguild.com/blog/error-handling-architecture-boundaries-retry-fallback) — 2026-04-03 — error-handling, circuit-breaker, retry-logic — Bad retry logic turned a 15-hour AWS outage into a cascading retry storm affecting over 1,000 companies. Good error handling architecture — boundaries, backoff, circuit breakers, fallbacks — is the difference between a 5-minute incident and a multi-day disaster. Here's the decision framework. - [Prompt of the Day: Create a Database Migration Script](https://aicodingguild.com/blog/prompt-of-the-day-create-a-database-migration-script) — 2026-04-03 — database-migrations, postgresql, python — A weekend refactoring PR ships on Friday. Monday morning: production down, customers locked out, 500 errors everywhere. The root cause? A migration that added columns the app already expected to exist. Here's the prompt that generates safe, reversible migration scripts so your Monday mornings stay boring. - [Dependency Security: Supply Chain Attacks via npm](https://aicodingguild.com/blog/dependency-security-supply-chain-attacks-npm) — 2026-04-02 — supply chain security, npm security, typosquatting — Your audit tool came back clean. You still got owned. That's the brutal reality of npm supply chain attacks — where the package itself is the weapon, and it strikes before you run a single line of your own code. - [Why Your Page Takes 10 Seconds to Load](https://aicodingguild.com/blog/why-your-page-takes-10-seconds-to-load) — 2026-04-02 — performance, core-web-vitals, bundle-optimization — Your app works fine on your laptop but crawls for real users. Here's the real reason — and a systematic way to fix it before Google buries you in search results. - [Optimistic Updates: Instant UI for Slow APIs](https://aicodingguild.com/blog/optimistic-updates-instant-ui-for-slow-apis) — 2026-04-02 — optimistic-updates, TanStack Query, React 19 — Your API takes 800ms to confirm a like. Your user has already moved on. Here's the decision framework — and the failure modes — behind optimistic UI updates, TanStack Query rollbacks, and React 19's useOptimistic hook. - [Prompt of the Day: Build a File Upload with Presigned URLs](https://aicodingguild.com/blog/prompt-of-the-day-build-a-file-upload-with-presigned-urls) — 2026-04-02 — file-upload, presigned-urls, aws-s3 — A security researcher found an S3 bucket with 273,000 live Indian banking PDFs — 3,000 new files arriving daily — because someone built the upload flow without a presigned URL pattern. Here's the exact prompt to get your AI tool to generate the right flow the first time, with every security guardrail already baked in. - [XSS: When User Input Becomes Code](https://aicodingguild.com/blog/xss-when-user-input-becomes-code) — 2026-04-01 — XSS, cross-site scripting, React security — A Grafana dashboard looks normal. You click it. Silently, a script fires — stealing your session token and forwarding it to an attacker halfway around the world. That's stored XSS, and it's been quietly hitting production apps throughout 2025. Here's how reflected, stored, and DOM-based XSS work, why React's JSX escaping isn't the end of the story, and what vibe coders need to watch for right now. - [Stop Testing in Production: Seed Data and Test Envs](https://aicodingguild.com/blog/stop-testing-in-production-seed-data-test-envs) — 2026-04-01 — testing, seed-data, test-environments — Every vibe coder eventually learns the same brutal lesson: production is not a sandbox. Learn how to build proper seed data and test environments so you stop discovering bugs the expensive way. - [ISR, SWR, and Cache Strategies That Scale](https://aicodingguild.com/blog/isr-swr-cache-strategies-that-scale) — 2026-04-01 — ISR, SWR, caching — Your revalidation interval is 60 seconds. Your user sees three-day-old prices. Here's why that happens — and the decision frameworks to make ISR, SWR, and CDN cache invalidation actually work at production scale. - [Prompt of the Day: Scan Your Dependencies for Known Vulnerabilities](https://aicodingguild.com/blog/prompt-of-the-day-scan-dependencies-vulnerabilities) — 2026-04-01 — security, supply-chain, dependencies — One compromised package in your dependency tree can silently drain AWS credentials, hijack CI/CD pipelines, or wipe your home directory. Here's the exact prompt to make your AI coding assistant a vigilant security partner — plus the audit checklist every project needs. - [SQL Injection: The Attack Older Than Your Career](https://aicodingguild.com/blog/sql-injection-the-attack-older-than-your-career) — 2026-03-31 — SQL injection, SQLi, parameterized queries — In 2025, a Tamil Nadu government portal was breached via SQL injection — exposing over a million student records, 50,000+ Aadhaar numbers, and full authentication tokens. The fix would have taken one hour. Here's how SQL injection works, why AI coding tools still generate the vulnerable version, and the two patterns that make you immune. - [Backup Everything: Your Pre-Disaster Checklist](https://aicodingguild.com/blog/backup-everything-pre-disaster-checklist) — 2026-03-31 — backups, disaster-recovery, production — In January 2025, attackers hijacked AWS credentials and re-encrypted entire S3 buckets with keys only they controlled — then scheduled the buckets for deletion. Organizations without independent backups had one option: pay. Don't be that organization. - [State Management in 2026: What Actually Works](https://aicodingguild.com/blog/state-management-2026-what-actually-works) — 2026-03-31 — state-management, zustand, tanstack-query — After 25 years of watching teams build—and rebuild—state management from scratch, one truth holds: most apps don't need what they think they need. Here's the decision framework that actually holds up in production. - [Prompt of the Day: Extract a Custom Hook from Repeated Logic](https://aicodingguild.com/blog/prompt-of-the-day-extract-a-custom-hook-from-repeated-logic) — 2026-03-31 — react, custom-hooks, refactoring — Your AI just generated the same fetch-loading-error pattern in five different components. It works. It's a mess. Here's the prompt that turns that duplicated noise into a single, reusable custom hook — and the anti-pattern that keeps your codebase drowning in copy-paste debt. - [Prompt of the Day: Set Up Structured Logging for Production](https://aicodingguild.com/blog/prompt-of-the-day-set-up-structured-logging-for-production) — 2026-03-30 — structured-logging, observability, python — At 2 a.m., a checkout bug only reproducible in production. The logs said: 'Error fetching data.' That's it. No user ID, no trace ID, no request context — just five words and a prayer. Here's the prompt that ends that nightmare, and the anti-pattern that guarantees you'll keep living it. - [Input Validation: Never Trust What Users Type](https://aicodingguild.com/blog/input-validation-never-trust-what-users-type) — 2026-03-30 — input validation, SQL injection, XSS — A $2 billion fintech company learned the hard way in 2025 that a single unvalidated input field can bring down an entire platform. Here's what vibe coders need to know about injection attacks — and the dead-simple practices that stop them cold. - [Database Migrations: Schema Changes Without Data Loss](https://aicodingguild.com/blog/database-migrations-schema-changes-without-data-loss) — 2026-03-30 — database, migrations, schema-changes — One missing WHERE clause. One untested API endpoint. One DROP TABLE left in from local testing. These aren't edge cases — they're how production databases die. Here's the system that keeps yours alive. - [Server Components vs Client Components: Mental Model](https://aicodingguild.com/blog/server-components-vs-client-components-mental-model) — 2026-03-30 — react-server-components, client-components, next-js-app-router — A team migrated to Next.js App Router and ended up with 500KB more JavaScript than before. Not because App Router is bad — because they used 'use client' as an escape hatch instead of an architectural contract. This deep-dive covers the decision framework for getting the boundary right: the four questions you ask at every component, the propagation trap that inflates bundles, how Suspense unlocks streaming performance, and when RSC is the wrong tool entirely. - [HTTPS Everywhere: Why and How to Enforce It](https://aicodingguild.com/blog/https-everywhere-why-and-how-to-enforce-it) — 2026-03-29 — https, tls, ssl — Your AI-generated app probably serves HTTPS — but does it *enforce* it? One misconfigured redirect, one missing header, one forgotten certificate renewal can expose your users to silent interception. Here's how to lock it down for real. - [Preview Deployments: Test Before You Break Production](https://aicodingguild.com/blog/preview-deployments-test-before-you-break-production) — 2026-03-29 — preview-deployments, vercel, staging — Every deploy to production is a bet. Preview deployments let you run that bet in a safe environment first — but only if you set them up right. Here's how to build a preview deployment workflow that actually catches problems before they reach your users. - [File Upload Architecture: Presigned URLs and Processing](https://aicodingguild.com/blog/file-upload-architecture-presigned-urls-and-processing) — 2026-03-29 — file-upload, presigned-urls, s3-architecture — In August 2025, UpGuard researchers found a publicly accessible S3 bucket with 273,000 live Indian banking transaction PDFs — roughly 3,000 new files landing daily. The company responsible later blamed it on a 'configuration gap.' That's not a configuration problem. That's an architecture problem. This deep-dive covers the decision framework for building file upload pipelines that are actually secure: presigned URL generation, the incoming/clean/quarantine processing pattern, MIME type validation, malware scanning, and the IAM policies that make it all hold together. - [Prompt of the Day: Create a Webhook Handler for Stripe Events](https://aicodingguild.com/blog/prompt-of-the-day-create-a-webhook-handler-for-stripe-events) — 2026-03-29 — stripe, webhooks, payments — Eight customers double-charged in one week. The culprit wasn't a billing bug — it was a webhook handler missing three lines of idempotency logic. Here's the exact prompt to never ship that handler again, plus the anti-pattern that guarantees you'll be issuing refunds at 2 a.m. - [CORS Explained: Why Your API Returns Weird Errors](https://aicodingguild.com/blog/cors-explained-why-your-api-returns-weird-errors) — 2026-03-28 — cors, api-security, cross-origin — Your AI-built app works perfectly on localhost, but the moment you deploy it, the browser throws a cryptic 'blocked by CORS policy' error. Here's exactly what's happening — and how to fix it without blowing a hole in your security. - [Linting and Formatting on Autopilot](https://aicodingguild.com/blog/linting-and-formatting-on-autopilot) — 2026-03-28 — eslint, prettier, linting — A single missing semicolon doesn't crash production. A thousand unchecked style inconsistencies do — in the form of bugs that slip through review, onboarding that takes weeks instead of days, and code reviews that devolve into arguments about tabs versus spaces. Here's how to automate all of it away. - [Rate Limiting Architecture: Protecting API and Wallet](https://aicodingguild.com/blog/rate-limiting-architecture-protecting-api-and-wallet) — 2026-03-28 — rate-limiting, redis, distributed-systems — A student received a $55,444 Google Cloud bill after their Gemini API key was exposed on GitHub. A developer watched their Gemini billing spike across three days in October 2025 with no automated ceiling to stop it. These aren't edge cases — they're architectural failures. This article goes deep on the decisions that actually matter: which algorithm to choose and why, where in your stack to place rate limiters, how to build distributed rate limiting that survives Redis outages, and how to use rate limits as a cost firewall, not just a traffic tool. - [Prompt of the Day: Add Row Level Security to Your Supabase Tables](https://aicodingguild.com/blog/prompt-of-the-day-add-row-level-security-supabase) — 2026-03-28 — supabase, rls, row-level-security — Your AI coding assistant built your Supabase tables fast. It probably skipped Row Level Security entirely. Here's the exact prompt that generates correct, production-ready RLS policies for any table you have — plus the anti-prompt that produces policies that look right but leave your data wide open. - [Rate Limiting: Preventing Abuse Before It Starts](https://aicodingguild.com/blog/rate-limiting-preventing-abuse-before-it-starts) — 2026-03-27 — rate limiting, API security, brute force prevention — In May 2025, a security researcher brute-forced every possible Volkswagen app OTP — all 10,000 combinations — in seconds, because the API had no rate limiting. No lockout. No anomaly detection. Just an open door. Here's how you make sure your app isn't next. - [TypeScript Safety: Catching Bugs Before They Ship](https://aicodingguild.com/blog/typescript-safety-catching-bugs-before-they-ship) — 2026-03-27 — typescript, type-safety, javascript — TypeScript became the #1 language on GitHub in 2025 — but most teams are still writing JavaScript with type annotations bolted on. Here's how to use TypeScript the way it was meant: as a compile-time safety net that catches real production bugs before they ship. - [Edge vs Serverless vs Server: Where to Run Your Code](https://aicodingguild.com/blog/edge-vs-serverless-vs-server-where-to-run-your-code) — 2026-03-27 — edge-computing, serverless, cloudflare-workers — A Vercel customer moved 20 API calls server-side and watched their monthly bill jump from $300 to $3,550 overnight. A South African fintech ran a single Lambda function doing sentiment analysis and racked up $31,000 a year without knowing it. The choice of where to run your code isn't just a performance decision — it's a cost, latency, and operational bet you make before you write a single line. - [Prompt of the Day: Optimize Slow Database Queries](https://aicodingguild.com/blog/prompt-of-the-day-optimize-slow-database-queries) — 2026-03-27 — database, sql, query-optimization — Your app runs great locally, then hits production with real data and grinds to a crawl. Nine times out of ten, the database is the culprit. Here's the exact prompt that gets an AI assistant to diagnose and fix slow queries — plus the anti-pattern that sends it chasing ghosts in your application code. - [Two-Factor Authentication: Protect Your Own Accounts First](https://aicodingguild.com/blog/two-factor-authentication-protect-your-accounts) — 2026-03-26 — two-factor authentication, 2FA, MFA — On September 8, 2025, a phishing email fooled a seasoned npm maintainer into handing over his 2FA code — and within two hours, 18 packages with 2.6 billion weekly downloads were serving crypto-stealing malware. The attacker didn't exploit a server. They exploited a human. Here's how you make sure that human isn't you. - [GitHub Actions 101: Tests on Every Push](https://aicodingguild.com/blog/github-actions-101-tests-on-every-push) — 2026-03-26 — github-actions, ci-cd, automated-testing — In March 2025, a single compromised GitHub Action silently dumped AWS keys, GitHub tokens, and private RSA keys from 23,000 repositories. The teams that had pinned their Actions to commit hashes and gated their deployments behind passing tests? They were fine. Here's how to be one of those teams. - [Webhook Architecture: Receiving Events from Stripe & Clerk](https://aicodingguild.com/blog/webhook-architecture-receiving-events-from-stripe-and-clerk) — 2026-03-26 — webhooks, stripe, clerk — A SaaS founder's payment webhook was silently failing during deploys. Stripe kept retrying. The handler kept double-charging. Here's the architectural decision framework for webhook receivers — signature verification, idempotency, and async processing — that separates toy integrations from production systems. - [Prompt of the Day: Build a Tip Button Component with Stripe](https://aicodingguild.com/blog/prompt-of-the-day-build-a-tip-button-component-with-stripe) — 2026-03-26 — stripe, payments, tip-button — Most Stripe tutorials show you how to charge a fixed price. Tips are different — the amount is unknown until the user picks it. Here's the exact prompt that gets an AI coding assistant to build a production-ready tip button, plus the anti-pattern that causes a split-brain nightmare in your database. - [Row Level Security: The Database Safety Net You Must Enable](https://aicodingguild.com/blog/row-level-security-database-safety-net) — 2026-03-25 — row-level-security, rls, supabase — In 2025, researchers scanned 20,000 vibe-coded apps and found 11% were leaking database access — most because Row Level Security was never turned on. Here's what RLS is, why AI coding tools miss it, and how to fix it in under ten minutes. - [Testing API Routes: Making Sure Your Backend Works](https://aicodingguild.com/blog/testing-api-routes-making-sure-your-backend-works) — 2026-03-25 — api-testing, backend, security — Sixty-four million job applicants had their personal data exposed because one API endpoint never checked whether you were allowed to see someone else's records. Here's how to test your routes before production finds the bugs for you. - [Background Jobs: When Your API Route Takes Too Long](https://aicodingguild.com/blog/background-jobs-when-your-api-route-takes-too-long) — 2026-03-25 — background-jobs, task-queues, serverless-timeouts — A report generation feature worked perfectly in development. In production, on Vercel, it silently killed the request at 10 seconds and left users staring at a spinner forever. Here's the architectural decision framework for background jobs — and why most teams make this call too late. - [Prompt of the Day: Set Up a Complete CI/CD Pipeline with GitHub Actions](https://aicodingguild.com/blog/prompt-of-the-day-cicd-pipeline-github-actions) — 2026-03-25 — github-actions, ci-cd, devops — One bad commit pushed directly to main can ruin your Monday. Here's the exact prompt to have AI scaffold a production-grade CI/CD pipeline with GitHub Actions — complete with tests, secrets management, and deployment gates. - [Choosing an Auth Provider: Clerk vs Auth0 vs Supabase Auth](https://aicodingguild.com/blog/choosing-auth-provider-clerk-vs-auth0-vs-supabase) — 2026-03-24 — authentication, clerk, auth0 — Picking an auth provider is one of the most consequential decisions you'll make when building a product. Get it wrong and you'll face a jaw-dropping bill, a painful migration, or a compliance gap right when a big customer asks about it. Here's a plain-English breakdown of the three providers dominating the 2026 landscape. - [Writing Your First Test: The 15-Minute Version](https://aicodingguild.com/blog/writing-your-first-test-15-minutes) — 2026-03-24 — testing, vitest, pytest — Vitest just became the most adopted technology in the entire JavaScript ecosystem — beating React, beating Next.js, beating everything. The community has voted: untested code is a liability. Here's how to write your first real test in under 15 minutes, with zero prior testing experience required. - [API Versioning: Change Without Breaking Clients](https://aicodingguild.com/blog/api-versioning-change-without-breaking-clients) — 2026-03-24 — api-versioning, breaking-changes, api-design — A v2 migration that looked clean on paper destroyed production for 6 hours and wiped $47K in daily payments. Here's the decision framework that separates API versioning strategies that scale from the ones that blow up on Monday morning. - [Prompt of the Day: Add Rate Limiting to Any API Route](https://aicodingguild.com/blog/prompt-of-the-day-add-rate-limiting-to-any-api-route) — 2026-03-24 — rate limiting, API security, Next.js — Every unprotected API route is an open invitation — for bots, credential-stuffers, and runaway scripts that will kill your uptime and your cloud bill. One prompt, and your AI assistant wires up production-grade rate limiting in minutes. - [OAuth Explained: Why 'Login with Google' Is Safer](https://aicodingguild.com/blog/oauth-explained-login-with-google-safer) — 2026-03-23 — oauth, authentication, security — Every time you click 'Login with Google,' you're using one of the most important security inventions of the modern web. Here's what's actually happening under the hood — and why it's far safer than a username and password you manage yourself. - [Why AI-Generated Code Needs Tests (Even If It 'Works')](https://aicodingguild.com/blog/why-ai-generated-code-needs-tests) — 2026-03-23 — testing, ai-generated-code, security — AI coding tools are writing 4x more code—and introducing 10x more security vulnerabilities. From a Replit agent that wiped a production database to 1.5 million exposed API keys, the pattern is clear: AI code that 'works' in testing fails catastrophically in production. Here's how to stop it. - [REST vs GraphQL vs tRPC: The Actual Tradeoffs](https://aicodingguild.com/blog/rest-vs-graphql-vs-trpc-actual-tradeoffs) — 2026-03-23 — REST, GraphQL, tRPC — Three API paradigms. Endless Twitter debates. Almost zero useful guidance for the actual decision you're facing today. Let's cut through the noise with a decision framework built on real production tradeoffs—not benchmark theater. - [Prompt of the Day: Convert a REST API to Type-Safe tRPC](https://aicodingguild.com/blog/prompt-of-the-day-convert-rest-api-to-type-safe-trpc) — 2026-03-23 — tRPC, TypeScript, REST API — Stop syncing TypeScript interfaces by hand. One prompt, and your AI coding assistant converts a REST endpoint into a fully type-safe tRPC procedure — with Zod validation included. - [Your First Security Audit: A 15-Minute Checklist](https://aicodingguild.com/blog/your-first-security-audit-a-15-minute-checklist) — 2026-03-22 — security-audit, vibe-coding, semgrep — A vibe-coded AI startup shipped a product to 400 paying customers. Seven months later a prospective user clicked a LinkedIn demo link, registered for what they thought was a public trial — and found themselves inside the company's entire production environment with admin rights. Here's the 15-minute checklist that catches these disasters before launch. - [Alert Fatigue: Notifications That Actually Matter](https://aicodingguild.com/blog/alert-fatigue-notifications-that-actually-matter) — 2026-03-22 — alerting, monitoring, sre — 73% of organizations had outages in 2025 caused by ignored alerts. Your monitoring system isn't broken — it's trained your team to tune it out. Learn the practical framework for building alerts that demand attention, not silence. - [Data Modeling for AI Apps: Embeddings and Vectors](https://aicodingguild.com/blog/data-modeling-ai-apps-embeddings-vectors) — 2026-03-22 — vector-databases, embeddings, pgvector — Every AI app eventually hits the same wall: how do you store and retrieve meaning, not just text? Learn how to make the right architectural decisions around vector storage, embedding model selection, and RAG pipeline design—before your production system teaches you the hard way. - [Prompt of the Day: Write Tests for Your AI-Generated API Routes](https://aicodingguild.com/blog/prompt-of-the-day-write-tests-ai-generated-api-routes) — 2026-03-22 — testing, api, vitest — A developer shipped an AI-generated Express API to production on a Friday. By Monday, three routes were silently returning 200s on failures. Here's the prompt that catches what AI misses—and the anti-pattern that leaves you flying blind. - [Front-End vs Back-End: Why Browser API Keys Are Public](https://aicodingguild.com/blog/front-end-vs-back-end-why-browser-api-keys-are-public) — 2026-03-21 — api-keys, front-end-security, back-end — A developer vibe-coded a Stripe integration, shipped it, and 175 customers got charged $500 each — $87,500 gone because the secret API key was sitting in the browser. This is not rare. Here's why the front-end and back-end are fundamentally different environments, and which keys belong where. - [API Error Handling: What to Return and What to Swallow](https://aicodingguild.com/blog/api-error-handling-what-to-return-and-what-to-swallow) — 2026-03-21 — api, error-handling, security — A verbose 500 error once handed attackers an entire SQL query, a database table name, and a server path — all in one response. Learn the two-layer error model every production API needs: what to expose to callers, what to log internally, and how RFC 9457 gives you a professional standard to follow. - [Database Connections in Serverless: The Pooling Problem](https://aicodingguild.com/blog/database-connections-serverless-pooling-problem) — 2026-03-21 — serverless, database, postgresql — Every senior engineer has seen it: a perfectly working app deployed to Lambda or Vercel starts throwing 'too many connections' at 3 AM. Here's the decision framework for solving the serverless connection pooling problem once and for all. - [Prompt of the Day: Build a Real-Time Dashboard with Supabase](https://aicodingguild.com/blog/prompt-of-the-day-build-real-time-dashboard-supabase) — 2026-03-21 — supabase, realtime, react — A restaurant's ordering system went dark mid-service because nobody closed a WebSocket subscription. Here's the exact prompt that builds a Supabase real-time dashboard that doesn't blow up in production—and the four mistakes that will. - [Secrets Managers Compared: Doppler vs Infisical vs 1Password](https://aicodingguild.com/blog/secrets-managers-compared-doppler-infisical-1password) — 2026-03-20 — secrets-management, doppler, infisical — You built an app with AI, shipped it fast, and hardcoded your API key right into the repo. Now it's live on GitHub. Here's how to stop that from ever happening again — and which secrets manager is right for where you are today. - [React Error Boundaries: Don't Let One Bug Crash Everything](https://aicodingguild.com/blog/react-error-boundaries-dont-let-one-bug-crash-everything) — 2026-03-20 — react, error-boundaries, production — A single malformed API response took down an entire dashboard — not just one widget. Learn how React Error Boundaries work, where to place them, and how the react-error-boundary library and React 19 make graceful failure a first-class concern in production. - [Real-Time with Supabase: Architecture and Gotchas](https://aicodingguild.com/blog/real-time-supabase-architecture-gotchas) — 2026-03-20 — supabase, realtime, websockets — Supabase Realtime looks like magic until it doesn't. Here's the architectural decision framework that separates builders who ship reliable real-time features from those drowning in missed events, WAL backlogs, and RLS surprises. - [Prompt of the Day: Create a Secure Authentication Flow with Clerk](https://aicodingguild.com/blog/prompt-of-the-day-create-secure-authentication-flow-clerk) — 2026-03-20 — clerk, authentication, nextjs — In March 2025, a critical Next.js vulnerability let attackers bypass middleware auth entirely with a single HTTP header. Here's the exact prompt that builds a Clerk auth flow that would have survived it—and why most vibe-coded auth setups wouldn't. - [git-leaks: Stop Secrets Before They Ship](https://aicodingguild.com/blog/gitleaks-stop-secrets-before-they-ship) — 2026-03-19 — gitleaks, secret-scanning, pre-commit — One leaked API key can empty your wallet, expose your users, and haunt your git history forever. Learn how to install gitleaks and block credentials at the commit level — before they ever leave your machine. - [Structured Logging: Making Your Logs Searchable](https://aicodingguild.com/blog/structured-logging-making-your-logs-searchable) — 2026-03-19 — logging, structured-logging, observability — Unstructured logs are just noise. Learn how to write JSON-structured logs that you can actually query, filter, and act on when production is on fire—with real code examples in Python and JavaScript. - [When Postgres Is Enough (Longer Than You Think)](https://aicodingguild.com/blog/when-postgres-is-enough) — 2026-03-19 — postgresql, database, architecture — Most teams abandon PostgreSQL before they've actually hit its limits. Before you migrate to MongoDB, DynamoDB, or a dedicated vector database, find out what Postgres can already do — and the decision framework to know when it's genuinely time to leave. - [Prompt of the Day: Refactor a 200-Line Component into Smaller Pieces](https://aicodingguild.com/blog/prompt-of-the-day-refactor-200-line-component-smaller-pieces) — 2026-03-19 — refactoring, react, components — AI assistants love to dump 200 lines into a single component. Here's the exact prompt to break that monolith apart—and why getting this right is the difference between code you can maintain and code you'll dread opening. - [Git History Is Forever: Why Committed Secrets Never Die](https://aicodingguild.com/blog/git-history-is-forever-why-committed-secrets-never-die) — 2026-03-18 — git, security, secrets — That API key you deleted from your code three commits ago? It's still sitting in your git history, visible to anyone who clones your repo. Here's why "just delete it" doesn't work — and what actually does. - [What to Log, What to Skip, What to Never Record](https://aicodingguild.com/blog/what-to-log-what-to-skip-what-to-never-record) — 2026-03-18 — logging, observability, security — Logging the wrong data doesn't just slow you down — it can expose millions of users and trigger federal breach notifications. This guide draws a hard line between the operational signals you need, the noise you should skip, and the data that must never appear in any log file. - [Multi-Tenant Database Design: Shared vs Separate](https://aicodingguild.com/blog/multi-tenant-database-design-shared-vs-separate) — 2026-03-18 — multi-tenancy, database, saas — A missing WHERE clause in one background job exposed customer records across tenants — not because the engineers were careless, but because nobody had made an explicit architectural decision about isolation. Here's the decision framework that keeps you out of that situation. - [Prompt of the Day: Add Sentry Error Tracking to Your Next.js App](https://aicodingguild.com/blog/prompt-of-the-day-add-sentry-error-tracking-nextjs) — 2026-03-18 — sentry, nextjs, error-tracking — Your AI-generated app is live. Now what? Learn the exact prompt to add production-grade Sentry error tracking to your Next.js app—before your users find the bugs for you. - [API Keys: What They Are, Where They Go, How They Leak](https://aicodingguild.com/blog/api-keys-what-they-are-where-they-go-how-they-leak) — 2026-03-17 — api-keys, security, credentials — You asked an AI to build you something, it worked, and you shipped it. Somewhere in that project is an API key. This article explains what it is, where it belongs, and the three most common ways it ends up on the internet — with your name on the bill. - [Sentry in 10 Minutes: Catch Every Error Automatically](https://aicodingguild.com/blog/sentry-in-10-minutes-catch-every-error-automatically) — 2026-03-17 — sentry, error-monitoring, production — Your production app is throwing errors right now that you don't know about. In 10 minutes, you can install Sentry and make sure you're the first to know — not the last. This is the foundational error monitoring setup every production app needs. - [Database Indexing: The 80/20 of Performance](https://aicodingguild.com/blog/database-indexing-the-80-20-of-performance) — 2026-03-17 — database, indexing, performance — A single missing index turned a 50ms query into a 5-second nightmare that cost one e-commerce platform $500,000 in 30 minutes. Learn the decision framework that separates architects who index intentionally from developers who index by instinct — and the traps that will bite you either way. - [Prompt of the Day: Generate a Complete API Route with Validation](https://aicodingguild.com/blog/prompt-of-the-day-generate-complete-api-route-validation) — 2026-03-17 — prompts, api, validation — Copy this prompt into Cursor, Claude, or ChatGPT and get a production-ready API route with full input validation, error handling, and proper HTTP status codes — in any framework. ## Public Workflow Skills - [Security Audit for AI-Generated Code](https://aicodingguild.com/guild/skills/security-audit-ai-code) — security — beginner — A complete security audit workflow for any AI-generated codebase. Find secrets, vulnerabilities, and misconfigurations before they ship. - [Secrets Management with Doppler](https://aicodingguild.com/guild/skills/secrets-management-doppler) — security — beginner — Set up proper secrets management from day one. Never commit another API key. Never lose another env file. - [Supabase Row Level Security Hardening](https://aicodingguild.com/guild/skills/supabase-rls-hardening) — security — intermediate — Lock down your Supabase database with bulletproof RLS policies. Because a public API key means anyone can try. ## Trust, Founder, And Support Surfaces - [Pricing](https://aicodingguild.com/pricing) — public membership comparison, free versus paid boundaries, and conversion entry point - [About](https://aicodingguild.com/about) — mission, audience split, and how the Guild fits inside Elegant Software Solutions - [Founder Profile](https://aicodingguild.com/about/tom-hundley) — Tom Hundley background, authorship, and teaching credibility - [Contact](https://aicodingguild.com/contact) — direct support and partnership contact path - [Privacy Policy](https://aicodingguild.com/privacy) — data handling, retention, and privacy policy context - [Terms of Service](https://aicodingguild.com/terms) — legal terms governing the service ## Free Learning Paths - Plain-text export: https://aicodingguild.com/learn/txt ### Start Here — Build Safely With AI - Path URL: https://aicodingguild.com/learn/start-here - Description: A zero-to-one on-ramp for people who have never built software with AI before. Learn the safe workflow before you touch a real project. - Lesson count: 6 - [What You're Actually Doing When You Build With AI](https://aicodingguild.com/learn/start-here/what-you-are-actually-doing) — A plain-English explanation of the job: AI writes fast, you still choose scope, inspect output, and own the result. - [The Safe AI Building Loop — Ask, Inspect, Test, Checkpoint](https://aicodingguild.com/learn/start-here/the-safe-vibe-coding-loop) — The beginner workflow that keeps AI-assisted building under control: one step at a time, with review points. - [Choose a Tiny First Win](https://aicodingguild.com/learn/start-here/choose-a-tiny-first-win) — How to pick a first project that teaches the workflow without dragging you into complex product and engineering problems. - [Don't Lose Your Work — Folders, Git, and Checkpoints](https://aicodingguild.com/learn/start-here/dont-lose-your-work) — The minimum safe setup for total beginners: a real project folder, a Git repo, a remote backup, and repeatable checkpoints. - [Your First Agent Session](https://aicodingguild.com/learn/start-here/your-first-agent-session) — How to run a first real AI-assisted build session without letting it spiral into a mystery code dump. - [Before You Share Anything](https://aicodingguild.com/learn/start-here/before-you-share-anything) — A beginner-friendly safety gate before you send a link to a friend, client, coworker, or the public internet. ### Foundations for AI-Assisted Builders - Path URL: https://aicodingguild.com/learn/foundations - Description: The next stage after Start Here: software mental models, vocabulary, and tool context for builders who have already shipped one tiny thing with AI. Free for everyone. - Lesson count: 29 - [What AI-Assisted Building Changed — And Why It Matters](https://aicodingguild.com/learn/foundations/what-is-vibe-coding) — Zoom out from the beginner workflow and understand why AI changed who gets to build software, what that unlocks, and what it does not. - [The AI Builder's Toolkit — Cursor, Bolt, Replit, v0, Lovable, and Beyond](https://aicodingguild.com/learn/foundations/the-vibe-coders-toolkit) — A practical tour of the major AI coding tools, what each does best, and how to choose based on project stage instead of hype. - [What You Can Build Next — And What Should Wait](https://aicodingguild.com/learn/foundations/what-you-can-build-today) — A realistic map of what AI-assisted builders can build now, what makes sense after your first tiny win, and what should still wait. - [The Honest Truth — What AI Can and Cannot Do For You](https://aicodingguild.com/learn/foundations/the-honest-truth) — A stage-two reality check: where AI genuinely accelerates you, where it creates false confidence, and what breaks as scope grows. - [Your Next 24 Hours — Turn One Tiny Win Into a Repeatable Practice](https://aicodingguild.com/learn/foundations/your-first-24-hours) — A plan for the day after your first tiny build: stabilize it, understand it, improve it, and turn a lucky win into a reliable workflow. - [Frontend vs Backend — What's the Difference and Why Does It Matter?](https://aicodingguild.com/learn/foundations/frontend-vs-backend) — Understand the two halves of every web application using a restaurant analogy that makes it click. - [What Happens When You Type a URL — The Journey of a Web Request](https://aicodingguild.com/learn/foundations/what-happens-when-you-type-a-url) — Follow a web request from your browser to a server and back — the complete journey explained simply. - [What is a Server? Cloud, Hosting, and Where Your Code Lives](https://aicodingguild.com/learn/foundations/what-is-a-server) — Demystifying servers, cloud hosting, and serverless — understand where your app actually runs. - [What is an API? The Bridges Between Software Systems](https://aicodingguild.com/learn/foundations/what-is-an-api) — Understand APIs through a simple analogy — the waiter between your app and the data it needs. - [What is a Database? Where Your Data Lives and Why It Matters](https://aicodingguild.com/learn/foundations/what-is-a-database) — Understand databases through the spreadsheet analogy — SQL vs NoSQL, when you need one, and which to choose. - [Programming Languages — Which Ones Exist and Why There Are So Many](https://aicodingguild.com/learn/foundations/programming-languages-overview) — A friendly tour of the programming language landscape — why so many exist and which ones matter for AI-assisted builders. - [JavaScript and TypeScript — The Language of the Web](https://aicodingguild.com/learn/foundations/javascript-and-typescript) — What JavaScript does, why TypeScript exists, and where you'll see them in every web project you build. - [HTML and CSS — The Building Blocks Every Builder Should Recognize](https://aicodingguild.com/learn/foundations/html-and-css) — Understand how HTML provides structure and CSS provides style — the visual foundation of every web page. - [Python — The Swiss Army Knife (and When to Reach for It)](https://aicodingguild.com/learn/foundations/python) — Understand Python's strengths in AI, data, and scripting — and know when to use it versus JavaScript. - [Reading Code You Didn't Write — The Skill AI Can't Replace](https://aicodingguild.com/learn/foundations/reading-code-you-didnt-write) — Learn how to read and understand AI-generated code — patterns to recognize, questions to ask, and how to use AI to explain itself. - [What is Git? Source Control Explained for Non-Developers](https://aicodingguild.com/learn/foundations/what-is-git) — Go deeper than 'don't lose your work' and understand commits, branches, merges, and recovery without developer jargon. - [What is GitHub? Your Code's Home on the Internet](https://aicodingguild.com/learn/foundations/what-is-github) — Understand GitHub, repositories, and collaboration — and why every builder using AI needs it. - [What is a Terminal? The Command Line Isn't Scary](https://aicodingguild.com/learn/foundations/what-is-a-terminal) — Demystify the terminal — what it is, why developers love it, and five commands to get you started. - [What is VS Code? The Editor Behind Cursor (and Why It Matters)](https://aicodingguild.com/learn/foundations/what-is-vs-code) — Understand VS Code — the world's most popular code editor, the foundation of Cursor, and your future daily tool. - [What is npm? Package Managers and Why They Exist](https://aicodingguild.com/learn/foundations/what-is-npm) — Understand packages, dependencies, package.json, and node_modules — the supply chain of modern software. - [The MVP Mindset — Build Less, Learn More](https://aicodingguild.com/learn/foundations/the-mvp-mindset) — Understand what an MVP really is, why it matters, and the common mistakes that trap first-time builders. - [Validating Your Idea Before Writing Code](https://aicodingguild.com/learn/foundations/validating-your-idea) — Learn proven techniques to test whether people actually want what you're building — before you invest time building it. - [Choosing Your Tech Stack — A Decision Framework](https://aicodingguild.com/learn/foundations/choosing-your-tech-stack) — A practical framework for choosing the right tools and technologies for your project — with sensible defaults for AI-assisted builders. - [The 1-Week MVP Sprint — A Realistic Plan](https://aicodingguild.com/learn/foundations/one-week-mvp-sprint) — A day-by-day plan for building and shipping your first product in one week — practical, focused, and achievable. - [Java — The Enterprise Workhorse](https://aicodingguild.com/learn/foundations/java-enterprise) — Understand where Java lives in the modern tech landscape — Spring Boot, the JVM ecosystem, and why enterprises run on it. - [C# and .NET — Microsoft's Full Stack](https://aicodingguild.com/learn/foundations/csharp-dotnet) — Explore the .NET ecosystem — ASP.NET, Blazor, Azure integration, and why C# powers so many enterprise applications. - [Python Beyond AI — Django, Flask, and FastAPI](https://aicodingguild.com/learn/foundations/python-beyond-ai) — Discover Python's world beyond machine learning — web frameworks, data engineering, scripting, and why Python is the Swiss Army knife of programming. - [Go — The Cloud Native Language](https://aicodingguild.com/learn/foundations/go-cloud-native) — Understand Go's role in modern infrastructure — simplicity, concurrency, its connection to Docker and Kubernetes, and why it's the language of cloud tooling. - [PHP — Still Running the Internet](https://aicodingguild.com/learn/foundations/php-still-running) — Learn why PHP powers 40% of the web — WordPress, Laravel, and the legacy codebase reality that every developer should understand. ### Working With AI Tools - Path URL: https://aicodingguild.com/learn/ai-tools - Description: How to get the best results from AI coding assistants, from Cursor to Claude Code. - Lesson count: 23 - [The AI Coding Tool Landscape](https://aicodingguild.com/learn/ai-tools/ai-coding-tool-landscape) — Cursor, Bolt, Replit, v0, Lovable compared — which tool fits your workflow? - [Cursor — The Power User's Choice (Setup and First Steps)](https://aicodingguild.com/learn/ai-tools/cursor-setup) — Install Cursor, configure it for vibe coding, and build your first project with AI assistance. - [Bolt.new and Lovable — Instant Full-Stack Apps](https://aicodingguild.com/learn/ai-tools/bolt-and-lovable) — Build complete web applications from a text prompt with Bolt.new and Lovable. - [Replit — Code, Deploy, and Collaborate in Your Browser](https://aicodingguild.com/learn/ai-tools/replit) — Use Replit for browser-based development, instant deployment, and real-time collaboration. - [v0 by Vercel — UI Components From a Text Prompt](https://aicodingguild.com/learn/ai-tools/v0-by-vercel) — Generate production-ready UI components with v0 and integrate them into your projects. - [Claude Code — When You Want AI in Your Terminal](https://aicodingguild.com/learn/ai-tools/claude-code) — Use Claude Code for terminal-based AI development with deep codebase understanding. - [GitHub Copilot — The AI That Lives in Your Editor](https://aicodingguild.com/learn/ai-tools/github-copilot) — Set up GitHub Copilot for inline code completions and AI-assisted development in VS Code. - [The Anatomy of a Good Coding Prompt](https://aicodingguild.com/learn/ai-tools/anatomy-of-good-coding-prompt) — Structure your prompts for AI coding tools to get better, more predictable results. - [System Prompts — .cursorrules and CLAUDE.md Explained](https://aicodingguild.com/learn/ai-tools/system-prompts) — Write system prompts that give AI persistent context about your project and preferences. - [Breaking Big Ideas into Small Tasks — The Decomposition Pattern](https://aicodingguild.com/learn/ai-tools/decomposition-pattern) — Learn why small, focused prompts produce better code than trying to build everything at once. - [Few-Shot Prompting — Teaching AI by Showing Examples](https://aicodingguild.com/learn/ai-tools/few-shot-prompting) — Use examples to teach AI your patterns, styles, and conventions before it writes new code. - [Chain-of-Thought — Making AI Think Step by Step](https://aicodingguild.com/learn/ai-tools/chain-of-thought) — Use chain-of-thought prompting to get AI to reason through complex coding problems. - [The Anti-Patterns — Prompts That Produce Bad Code](https://aicodingguild.com/learn/ai-tools/anti-patterns) — Recognize and avoid the most common prompting mistakes that lead to buggy, bloated, or wrong code. - [The Build-Review-Iterate Loop](https://aicodingguild.com/learn/ai-tools/build-review-iterate) — Master the core vibe coding workflow — generate code, review it critically, and iterate toward your goal. - [Code Review With AI — Using a Second AI as Your Senior Engineer](https://aicodingguild.com/learn/ai-tools/code-review-with-ai) — Use a second AI to review code generated by your first AI, catching bugs and improving quality. - [Debugging With AI — Better Than Stack Overflow](https://aicodingguild.com/learn/ai-tools/debugging-with-ai) — Learn systematic approaches to debugging code with AI assistance, from error messages to complex logic bugs. - [Refactoring With AI — Making Code Better Without Breaking It](https://aicodingguild.com/learn/ai-tools/refactoring-with-ai) — Use AI to safely improve, reorganize, and simplify existing code without changing what it does. - [When to Stop Prompting and Start Reading](https://aicodingguild.com/learn/ai-tools/when-to-stop-prompting) — Recognize when AI stops helping and learn when reading code yourself is the faster path forward. - [How LLMs Actually Work — For Non-ML People](https://aicodingguild.com/learn/ai-tools/how-llms-work) — Understand tokens, context windows, attention, and temperature without a single equation. - [OpenAI vs Anthropic vs Open Source — An Honest Comparison](https://aicodingguild.com/learn/ai-tools/openai-vs-anthropic-vs-open-source) — Compare the major AI model providers — strengths, weaknesses, pricing, and when to use which. - [API Keys, Rate Limits, and Cost Management](https://aicodingguild.com/learn/ai-tools/api-keys-rate-limits-costs) — Understand AI API pricing, rate limits, budgets, and how to monitor and control your AI spending. - [Fine-Tuning vs RAG vs Prompt Engineering](https://aicodingguild.com/learn/ai-tools/fine-tuning-vs-rag-vs-prompting) — Three approaches to customizing AI — when each works, the cost and complexity tradeoffs, and which to try first. - [Running Local Models — Ollama and LM Studio](https://aicodingguild.com/learn/ai-tools/running-local-models) — Run AI models on your own machine — privacy benefits, performance tradeoffs, setup guides, and when local makes sense. ## Public Prompt Packs ## Prompt Pack: Run your first agent session - Pack URL: https://aicodingguild.com/prompts/packs/first-agent-session - Filtered library URL: https://aicodingguild.com/prompts?q=agent&path=start-here - Plain-text export: https://aicodingguild.com/prompts/packs/first-agent-session/txt - Prompt count: 2 - Description: Prompts for your first real AI-assisted build session so the agent explains scope, asks clarifying questions, and stops after one safe first move. - Featured prompt: [Safe Beginner Loop](https://aicodingguild.com/prompts/the-safe-vibe-coding-loop) ## Prompt Pack: Start safely - Pack URL: https://aicodingguild.com/prompts/packs/start-safely - Filtered library URL: https://aicodingguild.com/prompts?path=start-here - Plain-text export: https://aicodingguild.com/prompts/packs/start-safely/txt - Prompt count: 6 - Description: Prompts for scoping work, protecting secrets, and making the agent stop after one reviewable step. - Featured prompt: [Safe Beginner Loop](https://aicodingguild.com/prompts/the-safe-vibe-coding-loop) ## Prompt Pack: Review and debug - Pack URL: https://aicodingguild.com/prompts/packs/review-and-debug - Filtered library URL: https://aicodingguild.com/prompts?path=ai-tools - Plain-text export: https://aicodingguild.com/prompts/packs/review-and-debug/txt - Prompt count: 23 - Description: Prompts for tightening requests, reviewing diffs, and debugging without letting the agent thrash. - Featured prompt: [Review The Diff](https://aicodingguild.com/prompts/code-review-with-ai) ## Prompt Pack: Write better prompts - Pack URL: https://aicodingguild.com/prompts/packs/write-better-prompts - Filtered library URL: https://aicodingguild.com/prompts?q=prompt-engineering&path=ai-tools - Plain-text export: https://aicodingguild.com/prompts/packs/write-better-prompts/txt - Prompt count: 6 - Description: Prompts for tightening vague requests, decomposing big ideas, teaching patterns with examples, and avoiding prompting anti-patterns. - Featured prompt: [The Anti-Patterns — Prompts That Produce Bad Code](https://aicodingguild.com/prompts/anti-patterns) ## Prompt Pack: Think in systems - Pack URL: https://aicodingguild.com/prompts/packs/think-in-systems - Filtered library URL: https://aicodingguild.com/prompts?q=architecture - Plain-text export: https://aicodingguild.com/prompts/packs/think-in-systems/txt - Prompt count: 7 - Description: Prompts that push the agent toward architecture, tradeoffs, and production-safe structure instead of surface fixes. - Featured prompt: [Choosing Your Tech Stack — A Decision Framework](https://aicodingguild.com/prompts/choosing-your-tech-stack) ## Prompt Pack: Protect your work - Pack URL: https://aicodingguild.com/prompts/packs/protect-your-work - Filtered library URL: https://aicodingguild.com/prompts?q=git - Plain-text export: https://aicodingguild.com/prompts/packs/protect-your-work/txt - Prompt count: 4 - Description: Prompts for Git, checkpoints, backups, and version-control habits before you let the agent touch more files. - Featured prompt: [Don't Lose Your Work — Folders, Git, and Checkpoints](https://aicodingguild.com/prompts/dont-lose-your-work) ## Full Public Prompt Library - Plain-text export: https://aicodingguild.com/prompts/txt ## Prompt: What You're Actually Doing When You Build With AI - Prompt URL: https://aicodingguild.com/prompts/what-you-are-actually-doing - Lesson URL: https://aicodingguild.com/learn/start-here/what-you-are-actually-doing - Path: Start Here — Build Safely With AI - Category: Start Here — Build Safely With AI - Estimated minutes: 9 - Tags: vibe-coding, beginners, mindset, AI - Summary: A plain-English explanation of the job: AI writes fast, you still choose scope, inspect output, and own the result. ```text "I am completely new to vibe coding and I want to build one very small thing safely. The problem is: [describe the problem] The user is: [describe the user] The smallest useful version would do only: [describe the tiny outcome] Before writing any code: 1. tell me if this is a realistic first project 2. reduce the scope if it is still too big 3. explain the main risks and assumptions 4. tell me what I must review myself 5. stop before auth, payments, production data, or destructive changes unless I explicitly approve them" ``` ## Prompt: Safe Beginner Loop - Prompt URL: https://aicodingguild.com/prompts/the-safe-vibe-coding-loop - Lesson URL: https://aicodingguild.com/learn/start-here/the-safe-vibe-coding-loop - Path: Start Here — Build Safely With AI - Category: Safety - Estimated minutes: 10 - Tags: vibe-coding, workflow, beginners, safety - Summary: Use this before any implementation work when you want the agent to stay scoped, explain itself, and stop after one reviewable change. ```text "I want to work in a safe beginner loop. Please do only this one task: [describe one tiny change]. Before making changes: 1. explain your plan in plain English 2. list the files you expect to change 3. do not add packages or change config unless absolutely necessary After making changes: 4. tell me exactly what changed 5. tell me how to test it in one minute 6. stop so I can review before the next step" ``` ## Prompt: Choose a Tiny First Win - Prompt URL: https://aicodingguild.com/prompts/choose-a-tiny-first-win - Lesson URL: https://aicodingguild.com/learn/start-here/choose-a-tiny-first-win - Path: Start Here — Build Safely With AI - Category: Start Here — Build Safely With AI - Estimated minutes: 9 - Tags: beginners, scope, mvp, first-project - Summary: How to pick a first project that teaches the workflow without dragging you into complex product and engineering problems. ```text "I need help shrinking this idea into a safe first vibe-coded project. The big idea is: [describe idea] Reduce it to the smallest useful version by: 1. removing anything that requires auth, billing, production data, or complicated integrations 2. keeping only one user and one core job to be done 3. telling me what the first screen or flow should be 4. telling me what to deliberately postpone until later I want a first win, not a platform." ``` ## Prompt: Don't Lose Your Work — Folders, Git, and Checkpoints - Prompt URL: https://aicodingguild.com/prompts/dont-lose-your-work - Lesson URL: https://aicodingguild.com/learn/start-here/dont-lose-your-work - Path: Start Here — Build Safely With AI - Category: Start Here — Build Safely With AI - Estimated minutes: 10 - Tags: git, beginners, safety, workflow - Summary: The minimum safe setup for total beginners: a real project folder, a Git repo, a remote backup, and repeatable checkpoints. ```text "I am a beginner and I want the safest possible project setup before I keep building. Help me: 1. confirm this project has the minimum Git safety setup 2. check that `.env`-style secret files are ignored 3. tell me what files should and should not be committed right now 4. suggest the next safe checkpoint Do not rewrite history, force push, or delete files unless I explicitly approve it." ``` ## Prompt: Your First Agent Session - Prompt URL: https://aicodingguild.com/prompts/your-first-agent-session - Lesson URL: https://aicodingguild.com/learn/start-here/your-first-agent-session - Path: Start Here — Build Safely With AI - Category: Start Here — Build Safely With AI - Estimated minutes: 11 - Tags: AI-tools, beginners, agent-workflow, hands-on - Summary: How to run a first real AI-assisted build session without letting it spiral into a mystery code dump. ```text "I am on my first real vibe-coding session. Project: [describe project] Current goal: [describe one small feature] Before changing code: 1. explain the safest approach in plain English 2. list the files you expect to change 3. tell me if this request is still too big Then implement only that one small feature. Afterward: 4. tell me exactly what changed 5. tell me how to test it in under two minutes 6. stop so I can review before the next step Do not add auth, deployment, payments, or unrelated cleanup." ``` ## Prompt: Pre-Flight Secrets Check - Prompt URL: https://aicodingguild.com/prompts/before-you-share-anything - Lesson URL: https://aicodingguild.com/learn/start-here/before-you-share-anything - Path: Start Here — Build Safely With AI - Category: Secrets Hygiene - Estimated minutes: 10 - Tags: beginners, safety, sharing, shipping - Summary: Run this before you paste configs, screenshots, or terminal output into an AI tool so you do not leak API keys, connection strings, or internal URLs. ```text "I am about to share this small app with another person for the first time. Please give me a beginner-safe pre-share review. Context: - project: [describe project] - who will see it: [friend/coworker/client/internal team] - main flow: [describe flow] Review it for: 1. obvious safety problems 2. anything sensitive I should not expose yet 3. the most likely embarrassing failure points 4. the smallest fixes that would make it safer to share Do not suggest major rewrites. I want a practical pre-share checklist." ``` ## Prompt: What AI-Assisted Building Changed — And Why It Matters - Prompt URL: https://aicodingguild.com/prompts/what-is-vibe-coding - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-vibe-coding - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: vibe-coding, AI, beginners, overview - Summary: Zoom out from the beginner workflow and understand why AI changed who gets to build software, what that unlocks, and what it does not. ```text "I want to use vibe coding to build a small product. I already understand the beginner safety loop. Help me think about the bigger picture. The problem space I care about is: [describe it] The user is: [describe the person] The kind of product I imagine is: [describe it] Before writing code: 1. explain why vibe coding changes who can build in this space 2. tell me what human judgment is still required 3. tell me where AI will create false confidence 4. suggest the next foundational topic I should understand before going bigger" ``` ## Prompt: Pick The Right Tool - Prompt URL: https://aicodingguild.com/prompts/the-vibe-coders-toolkit - Lesson URL: https://aicodingguild.com/learn/foundations/the-vibe-coders-toolkit - Path: Foundations for AI-Assisted Builders - Category: Tool Choice - Estimated minutes: 10 - Tags: tools, cursor, bolt, replit, v0, lovable - Summary: Use this when you are about to start a project and need a recommendation on which AI coding tool matches your experience and constraints. ```text "I need help choosing the right vibe-coding tool for this stage. My project is: [describe it] My experience level is: [describe it] I care most about: [speed, control, design, collaboration, privacy] Recommend the best starting tool, one backup tool for later, and the main tradeoffs I should know before I begin." ``` ## Prompt: What You Can Build Next — And What Should Wait - Prompt URL: https://aicodingguild.com/prompts/what-you-can-build-today - Lesson URL: https://aicodingguild.com/learn/foundations/what-you-can-build-today - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: inspiration, projects, examples, beginners - Summary: A realistic map of what AI-assisted builders can build now, what makes sense after your first tiny win, and what should still wait. ```text "Help me choose the right next project category. I have already completed a tiny first win. Now I want to map what kind of project makes sense next. My idea is: [describe it] Place this idea in one of three buckets: 1. realistic now 2. realistic next after more practice 3. not realistic yet Then explain the safest product shape for the current stage and the main reason not to jump ahead." ``` ## Prompt: The Honest Truth — What AI Can and Cannot Do For You - Prompt URL: https://aicodingguild.com/prompts/the-honest-truth - Lesson URL: https://aicodingguild.com/learn/foundations/the-honest-truth - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 10 - Tags: expectations, limitations, AI, reality-check - Summary: A stage-two reality check: where AI genuinely accelerates you, where it creates false confidence, and what breaks as scope grows. ```text "Critique this project plan honestly. This is no longer my first tiny experiment. I want to understand where the current workflow will break as the project grows. I want you to identify: 1. where AI will probably help 2. where AI is likely to create false confidence 3. the biggest risks around testing, security, maintainability, and feature creep 4. what I need to review manually before I trust the output Do not reassure me. Be specific." ``` ## Prompt: Your Next 24 Hours — Turn One Tiny Win Into a Repeatable Practice - Prompt URL: https://aicodingguild.com/prompts/your-first-24-hours - Lesson URL: https://aicodingguild.com/learn/foundations/your-first-24-hours - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 12 - Tags: workflow, hands-on, practice, iteration - Summary: A plan for the day after your first tiny build: stabilize it, understand it, improve it, and turn a lucky win into a reliable workflow. ```text "Help me turn my first tiny vibe-coded project into a repeatable practice project. The app currently does: [describe it] The current weak point is: [describe it] My available time is: [time] Give me a concrete plan for: 1. auditing what I already have 2. choosing one improvement that increases quality without exploding scope 3. testing that improvement 4. checkpointing safely 5. identifying the next concept I should learn on purpose Do not suggest auth, billing, or major new features." ``` ## Prompt: Frontend vs Backend — What's the Difference and Why Does It Matter? - Prompt URL: https://aicodingguild.com/prompts/frontend-vs-backend - Lesson URL: https://aicodingguild.com/learn/foundations/frontend-vs-backend - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: frontend, backend, architecture, fundamentals - Summary: Understand the two halves of every web application using a restaurant analogy that makes it click. ```text "Before implementing this feature, split the work into frontend and backend responsibilities. 1. Explain what the user sees and interacts with 2. Explain what the server must handle behind the scenes 3. List the files or systems likely to change on each side 4. Call out any data that must never live in the frontend 5. Stop before changing auth, permissions, or the data model without my approval I want a clean boundary, not a blurry full-stack mess." ``` ## Prompt: What Happens When You Type a URL — The Journey of a Web Request - Prompt URL: https://aicodingguild.com/prompts/what-happens-when-you-type-a-url - Lesson URL: https://aicodingguild.com/learn/foundations/what-happens-when-you-type-a-url - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: web-requests, DNS, HTTP, networking, fundamentals - Summary: Follow a web request from your browser to a server and back — the complete journey explained simply. ```text "Help me trace this page load like a web request investigator. 1. Explain the request path from URL to rendered page 2. Tell me which stages are DNS, network, server processing, and browser rendering 3. Based on this symptom, identify the most likely failing stage 4. Tell me what I should inspect in DevTools or logs to confirm it 5. Do not jump to code changes before explaining the likely bottleneck Symptom: [describe the bug or slowdown]." ``` ## Prompt: What is a Server? Cloud, Hosting, and Where Your Code Lives - Prompt URL: https://aicodingguild.com/prompts/what-is-a-server - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-a-server - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: servers, cloud, hosting, infrastructure, fundamentals - Summary: Demystifying servers, cloud hosting, and serverless — understand where your app actually runs. ```text "Help me choose the safest hosting model for this project. 1. Explain whether this app should use static hosting, managed platform hosting, or serverless functions 2. Tell me what parts of the app run where 3. List the operational tradeoffs: logs, scaling, cold starts, cost, and simplicity 4. Tell me which environment variables or secrets must be configured 5. Stop before making infra, billing, or region changes without my approval Optimize for low operational burden and easy rollback." ``` ## Prompt: What is an API? The Bridges Between Software Systems - Prompt URL: https://aicodingguild.com/prompts/what-is-an-api - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-an-api - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: APIs, REST, integrations, fundamentals - Summary: Understand APIs through a simple analogy — the waiter between your app and the data it needs. ```text "Help me integrate this API like a cautious engineer. 1. Explain the API contract in plain English 2. List the request shape, response shape, auth method, and rate-limit risks 3. Tell me where the secret should live and how to keep it out of the frontend 4. Include failure handling for bad responses, timeouts, and retries 5. Stop before adding credentials or billing-connected integrations without my approval Optimize for a stable integration, not just a demo that works once." ``` ## Prompt: What is a Database? Where Your Data Lives and Why It Matters - Prompt URL: https://aicodingguild.com/prompts/what-is-a-database - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-a-database - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: databases, SQL, NoSQL, data, fundamentals - Summary: Understand databases through the spreadsheet analogy — SQL vs NoSQL, when you need one, and which to choose. ```text "Help me design the smallest safe database model for this feature. 1. List the tables or collections I actually need 2. Show the key fields and relationships 3. Explain whether SQL or NoSQL makes more sense here and why 4. Call out ownership, validation, and deletion risks 5. Stop before running migrations, destructive schema changes, or data backfills without my approval Optimize for clear data modeling and easy future maintenance." ``` ## Prompt: Programming Languages — Which Ones Exist and Why There Are So Many - Prompt URL: https://aicodingguild.com/prompts/programming-languages-overview - Lesson URL: https://aicodingguild.com/learn/foundations/programming-languages-overview - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: programming-languages, overview, fundamentals - Summary: A friendly tour of the programming language landscape — why so many exist and which ones matter for AI-assisted builders. ```text "Help me understand the language choices in this project before we change anything. 1. List the languages involved and what role each one plays 2. Tell me which languages I actually need to recognize as the human reviewer 3. Explain whether the current choices are conventional or unusual 4. Warn me if switching languages would create more churn than value 5. Do not recommend a rewrite unless there is a concrete business reason Optimize for clarity and maintainability, not language hype." ``` ## Prompt: JavaScript and TypeScript — The Language of the Web - Prompt URL: https://aicodingguild.com/prompts/javascript-and-typescript - Lesson URL: https://aicodingguild.com/learn/foundations/javascript-and-typescript - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: javascript, typescript, web-development, fundamentals - Summary: What JavaScript does, why TypeScript exists, and where you'll see them in every web project you build. ```text "Explain this JavaScript or TypeScript file to me before changing it. 1. Tell me what runs in the browser and what runs on the server 2. Explain any important types, props, or return values 3. Tell me what TypeScript is protecting me from in this file 4. Point out the highest-risk area for silent bugs 5. Stop before converting between JavaScript and TypeScript unless there is a strong reason I want clarity about behavior and data shape, not just a summary." ``` ## Prompt: HTML and CSS — The Building Blocks Every Builder Should Recognize - Prompt URL: https://aicodingguild.com/prompts/html-and-css - Lesson URL: https://aicodingguild.com/learn/foundations/html-and-css - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: HTML, CSS, web-development, styling, fundamentals - Summary: Understand how HTML provides structure and CSS provides style — the visual foundation of every web page. ```text "Help me make this UI change without breaking structure or accessibility. 1. Explain the current HTML structure in plain English 2. Tell me which styles are controlling layout, spacing, and typography 3. Suggest the smallest set of markup or class changes needed 4. Preserve semantics, accessibility, and mobile responsiveness 5. Stop before a style request turns into a wholesale component rewrite I want a precise UI edit, not generic beautification." ``` ## Prompt: Python — The Swiss Army Knife (and When to Reach for It) - Prompt URL: https://aicodingguild.com/prompts/python - Lesson URL: https://aicodingguild.com/learn/foundations/python - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: python, AI, data-science, scripting, fundamentals - Summary: Understand Python's strengths in AI, data, and scripting — and know when to use it versus JavaScript. ```text "Help me decide whether this task should use Python or stay in my existing stack. 1. Explain why Python would or would not be a better fit 2. Show the smallest Python example that solves the task 3. Explain the script line by line in plain English 4. Tell me what dependencies and runtime setup it requires 5. Stop before introducing a separate Python service unless the use case truly justifies it Optimize for the simplest maintainable solution." ``` ## Prompt: Reading Code You Didn't Write — The Skill AI Can't Replace - Prompt URL: https://aicodingguild.com/prompts/reading-code-you-didnt-write - Lesson URL: https://aicodingguild.com/learn/foundations/reading-code-you-didnt-write - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 10 - Tags: code-reading, debugging, skills, fundamentals - Summary: Learn how to read and understand AI-generated code — patterns to recognize, questions to ask, and how to use AI to explain itself. ```text "Explain this code so I can review it like an owner, not a spectator. 1. Tell me what this file is responsible for 2. Point out the key names, branches, and data flow 3. Identify the highest-risk logic, permission check, or side effect 4. Tell me what could go wrong in production 5. Keep the explanation anchored to the actual code, not a generic summary Here is the file or diff: [paste code or change]." ``` ## Prompt: What is Git? Source Control Explained for Non-Developers - Prompt URL: https://aicodingguild.com/prompts/what-is-git - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-git - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: git, version-control, source-control, fundamentals - Summary: Go deeper than 'don't lose your work' and understand commits, branches, merges, and recovery without developer jargon. ```text "Help me use Git safely on this project. 1. Explain the safest workflow for the change I want to make 2. Tell me whether this should happen on a new branch or not 3. List the Git commands I should expect to run and what each one does 4. Tell me what a good commit message would look like 5. Stop before any destructive Git command or history rewrite Assume I am new to Git and optimize for recoverability, not cleverness." ``` ## Prompt: What is GitHub? Your Code's Home on the Internet - Prompt URL: https://aicodingguild.com/prompts/what-is-github - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-github - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: github, repositories, collaboration, fundamentals - Summary: Understand GitHub, repositories, and collaboration — and why every builder using AI needs it. ```text "Help me set up and use GitHub safely for this project. 1. Explain the role GitHub should play in my workflow 2. Tell me whether this repo should be public or private and why 3. List the integrations I should expect with deployment, CI, and AI tools 4. Recommend the safest first workflow for branches and pull requests 5. Stop before changing repo visibility, secrets, or deployment permissions Optimize for a solo builder who still wants a professional workflow." ``` ## Prompt: What is a Terminal? The Command Line Isn't Scary - Prompt URL: https://aicodingguild.com/prompts/what-is-a-terminal - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-a-terminal - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: terminal, command-line, CLI, fundamentals - Summary: Demystify the terminal — what it is, why developers love it, and five commands to get you started. ```text "Explain the terminal commands I need for this task before I run anything. 1. Tell me which directory I should be in first 2. Show the exact command 3. Explain each part of the command in plain English 4. Tell me what output I should expect if it succeeds 5. Warn me if the command is destructive or changes files Assume I am comfortable running safe commands but I do not want surprise side effects." ``` ## Prompt: What is VS Code? The Editor Behind Cursor (and Why It Matters) - Prompt URL: https://aicodingguild.com/prompts/what-is-vs-code - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-vs-code - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 8 - Tags: vs-code, cursor, code-editor, tools - Summary: Understand VS Code — the world's most popular code editor, the foundation of Cursor, and your future daily tool. ```text "Help me set up a practical Cursor or VS Code workflow for this project. 1. Recommend the minimum editor features and extensions I should rely on 2. Tell me which shortcuts matter most for daily work 3. Explain how file navigation, terminal use, and source control fit together 4. Tell me what should stay simple instead of over-customized 5. Stop before installing a long list of extensions or changing project tooling Optimize for a beginner who wants a calm, maintainable setup." ``` ## Prompt: What is npm? Package Managers and Why They Exist - Prompt URL: https://aicodingguild.com/prompts/what-is-npm - Lesson URL: https://aicodingguild.com/learn/foundations/what-is-npm - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: npm, packages, dependencies, node-modules, fundamentals - Summary: Understand packages, dependencies, package.json, and node_modules — the supply chain of modern software. ```text "Help me make a safe package-manager decision for this project. 1. Tell me which package manager this repo is already using and how you know 2. Explain whether I need a new dependency or can use what is already installed 3. If a new package is justified, tell me the tradeoffs and maintenance risk 4. List the exact install and verification steps 5. Stop before switching package managers or adding a dependency just for convenience Optimize for fewer dependencies, predictable installs, and easy rollback." ``` ## Prompt: The MVP Mindset — Build Less, Learn More - Prompt URL: https://aicodingguild.com/prompts/the-mvp-mindset - Lesson URL: https://aicodingguild.com/learn/foundations/the-mvp-mindset - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: MVP, product, strategy, mindset - Summary: Understand what an MVP really is, why it matters, and the common mistakes that trap first-time builders. ```text "Help me reduce this idea to an MVP. The user is: [describe person] The problem is: [describe one problem] My current feature list is: [list features] Cut this down to the smallest version that delivers real value. Tell me which three features stay in the MVP, which features move to later, and why." ``` ## Prompt: Validating Your Idea Before Writing Code - Prompt URL: https://aicodingguild.com/prompts/validating-your-idea - Lesson URL: https://aicodingguild.com/learn/foundations/validating-your-idea - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 10 - Tags: validation, product, strategy, user-research - Summary: Learn proven techniques to test whether people actually want what you're building — before you invest time building it. ```text "Help me validate this idea before I build it. Idea: [describe it] Target user: [describe them] What I think the problem is: [describe it] Give me: 1. the fastest validation tests I can run 2. the questions I should ask users 3. what evidence would be weak, medium, or strong validation 4. what would convince me to stop or narrow the idea" ``` ## Prompt: Choosing Your Tech Stack — A Decision Framework - Prompt URL: https://aicodingguild.com/prompts/choosing-your-tech-stack - Lesson URL: https://aicodingguild.com/learn/foundations/choosing-your-tech-stack - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 9 - Tags: tech-stack, architecture, decisions, tools - Summary: A practical framework for choosing the right tools and technologies for your project — with sensible defaults for AI-assisted builders. ```text "Recommend a tech stack for this project. Project type: [describe it] Constraints: [budget, hosting, mobile, data, auth, payments, privacy] My experience level: [describe it] Give me: 1. the default stack you recommend 2. why each tool is a good fit 3. which choices are boring and proven 4. which parts I should avoid over-optimizing right now" ``` ## Prompt: The 1-Week MVP Sprint — A Realistic Plan - Prompt URL: https://aicodingguild.com/prompts/one-week-mvp-sprint - Lesson URL: https://aicodingguild.com/learn/foundations/one-week-mvp-sprint - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 12 - Tags: MVP, sprint, shipping, project-planning, hands-on - Summary: A day-by-day plan for building and shipping your first product in one week — practical, focused, and achievable. ```text "Turn this product idea into a one-week MVP sprint. Project: [describe it] Available time per day: [time] Must-have features: [list them] Give me a realistic day-by-day plan for: 1. setup 2. first feature 3. second feature 4. polish and fixes 5. deployment and feedback Also tell me what to cut first if the schedule slips." ``` ## Prompt: Java — The Enterprise Workhorse - Prompt URL: https://aicodingguild.com/prompts/java-enterprise - Lesson URL: https://aicodingguild.com/learn/foundations/java-enterprise - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 13 - Tags: java, spring-boot, jvm, enterprise, programming-languages - Summary: Understand where Java lives in the modern tech landscape — Spring Boot, the JVM ecosystem, and why enterprises run on it. ```text "Explain this Java or Spring Boot example in terms I can use as a JavaScript or TypeScript developer. 1. Tell me what the code is doing conceptually 2. Map the Java concepts to familiar web concepts in my stack 3. Point out the route, validation, service, and persistence layers 4. Tell me what assumptions an enterprise team is optimizing for here 5. Do not focus on syntax trivia until the architecture is clear Here is the Java example: [paste code or docs]." ``` ## Prompt: C# and .NET — Microsoft's Full Stack - Prompt URL: https://aicodingguild.com/prompts/csharp-dotnet - Lesson URL: https://aicodingguild.com/learn/foundations/csharp-dotnet - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 13 - Tags: csharp, dotnet, aspnet, blazor, microsoft, enterprise - Summary: Explore the .NET ecosystem — ASP.NET, Blazor, Azure integration, and why C# powers so many enterprise applications. ```text "Translate this .NET example into the web concepts I already know. 1. Explain what part is the language, what part is the framework, and what part is the cloud platform 2. Map the route, data access, auth, and deployment concepts to a JavaScript stack 3. Tell me whether this is modern .NET or old .NET Framework 4. Highlight any Microsoft-specific assumptions, especially Azure or enterprise identity 5. Stop before recommending a stack switch unless there is a compelling business reason Here is the code or documentation: [paste it]." ``` ## Prompt: Python Beyond AI — Django, Flask, and FastAPI - Prompt URL: https://aicodingguild.com/prompts/python-beyond-ai - Lesson URL: https://aicodingguild.com/learn/foundations/python-beyond-ai - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 13 - Tags: python, django, flask, fastapi, web-development, scripting - Summary: Discover Python's world beyond machine learning — web frameworks, data engineering, scripting, and why Python is the Swiss Army knife of programming. ```text "Help me evaluate this Python approach beyond the AI hype. 1. Explain whether this task is better suited to Django, Flask, FastAPI, or no Python web framework at all 2. Show me the smallest maintainable implementation 3. Translate the important parts into concepts I already know from JavaScript 4. Tell me what environment and dependency management it requires 5. Stop before introducing a separate Python service if the same job fits cleanly in my current stack Optimize for fit, not for adding technology for its own sake." ``` ## Prompt: Go — The Cloud Native Language - Prompt URL: https://aicodingguild.com/prompts/go-cloud-native - Lesson URL: https://aicodingguild.com/learn/foundations/go-cloud-native - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 12 - Tags: go, golang, cloud-native, kubernetes, docker, concurrency - Summary: Understand Go's role in modern infrastructure — simplicity, concurrency, its connection to Docker and Kubernetes, and why it's the language of cloud tooling. ```text "Help me decide whether Go is the right tool for this service or utility. 1. Explain why Go is or is not a better fit than Node.js for this job 2. Map goroutines, packages, binaries, and error handling to concepts I already know 3. Show me the smallest realistic Go example 4. Tell me what deployment and operational advantages I actually gain 5. Stop before recommending Go just because it is fashionable in infrastructure circles Optimize for operational simplicity and distribution, not novelty." ``` ## Prompt: PHP — Still Running the Internet - Prompt URL: https://aicodingguild.com/prompts/php-still-running - Lesson URL: https://aicodingguild.com/learn/foundations/php-still-running - Path: Foundations for AI-Assisted Builders - Category: Foundations for AI-Assisted Builders - Estimated minutes: 12 - Tags: php, wordpress, laravel, legacy, web-development - Summary: Learn why PHP powers 40% of the web — WordPress, Laravel, and the legacy codebase reality that every developer should understand. ```text "Help me understand this PHP or WordPress system pragmatically. 1. Tell me whether I am looking at Laravel, WordPress, or custom legacy PHP 2. Explain the overall architecture and where I should start reading 3. Map the main concepts to frameworks and tools I already know 4. Call out version, plugin, security, and maintenance risks 5. Stop before recommending a rewrite unless the current system is truly unsafe or unmaintainable Optimize for realistic maintenance and integration decisions." ``` ## Prompt: The AI Coding Tool Landscape - Prompt URL: https://aicodingguild.com/prompts/ai-coding-tool-landscape - Lesson URL: https://aicodingguild.com/learn/ai-tools/ai-coding-tool-landscape - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, cursor, bolt, replit, v0, lovable, comparison - Summary: Cursor, Bolt, Replit, v0, Lovable compared — which tool fits your workflow? ```text "Help me choose the right AI coding tool for this project. Project type: [describe it] Current stage: [prototype, feature build, maintenance, refactor] My skill level: [describe honestly] Constraints: [privacy, deployment target, code ownership, budget] Recommend: 1. the best primary tool 2. one secondary tool if the project grows 3. the tradeoffs of each 4. the handoff point where I should switch tools instead of forcing one tool to do everything" ``` ## Prompt: Cursor — The Power User's Choice (Setup and First Steps) - Prompt URL: https://aicodingguild.com/prompts/cursor-setup - Lesson URL: https://aicodingguild.com/learn/ai-tools/cursor-setup - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 15 - Tags: ai-tools, cursor, setup, editor - Summary: Install Cursor, configure it for vibe coding, and build your first project with AI assistance. ```text Help me set up Cursor for this project in a safe way. First, explain whether this task should use chat, inline edit, or Composer. Then propose a short `.cursorrules` file based on this stack and these constraints: - [stack] - [current files or feature area] - no new dependencies without asking - stop before auth, schema, billing, or infra changes After that, help me make one small reviewable change and tell me exactly what I must inspect before I accept it. ``` ## Prompt: Bolt.new and Lovable — Instant Full-Stack Apps - Prompt URL: https://aicodingguild.com/prompts/bolt-and-lovable - Lesson URL: https://aicodingguild.com/learn/ai-tools/bolt-and-lovable - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, bolt, lovable, prototyping, full-stack - Summary: Build complete web applications from a text prompt with Bolt.new and Lovable. ```text "I want to prototype this app in Bolt or Lovable. App idea: [describe it] Must-have flow: [describe it] Data fields: [list them] Visual direction: [describe it] Constraints: [auth, payments, storage, deployment, handoff plan] Recommend whether Bolt or Lovable is the better starting point and give me a prompt that is specific enough to produce a usable first prototype." ``` ## Prompt: Replit — Code, Deploy, and Collaborate in Your Browser - Prompt URL: https://aicodingguild.com/prompts/replit - Lesson URL: https://aicodingguild.com/learn/ai-tools/replit - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, replit, browser-ide, deployment, collaboration - Summary: Use Replit for browser-based development, instant deployment, and real-time collaboration. ```text "I want to use Replit for this project. Goal: [learning, prototype, collaboration] App idea: [describe it] Constraints: [no local setup, shareable URL, collaboration, budget] Tell me: 1. whether Replit is the right tool 2. which template I should start from 3. what I should keep simple to stay inside Replit's strengths 4. when I should export the code and move to a different environment" ``` ## Prompt: v0 by Vercel — UI Components From a Text Prompt - Prompt URL: https://aicodingguild.com/prompts/v0-by-vercel - Lesson URL: https://aicodingguild.com/learn/ai-tools/v0-by-vercel - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 10 - Tags: ai-tools, v0, vercel, ui-components, design - Summary: Generate production-ready UI components with v0 and integrate them into your projects. ```text "I want v0 to generate a React component for this screen: [describe the UI, data fields, visual style, empty state, loading state, and mobile behavior] The component must: 1. work in a Next.js + Tailwind project 2. be easy to wire to real data later 3. avoid making up backend logic 4. call out any shadcn/ui dependencies it expects" ``` ## Prompt: Claude Code — When You Want AI in Your Terminal - Prompt URL: https://aicodingguild.com/prompts/claude-code - Lesson URL: https://aicodingguild.com/learn/ai-tools/claude-code - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, claude-code, terminal, anthropic, advanced - Summary: Use Claude Code for terminal-based AI development with deep codebase understanding. ```text "I'm using Claude Code on this project. First, read the codebase and summarize: 1. what the app does 2. how the architecture is organized 3. the risky areas to avoid touching casually Then propose a `CLAUDE.md` file and a safe plan for this change: [describe change]. Do not modify [list protected areas] without asking first." ``` ## Prompt: GitHub Copilot — The AI That Lives in Your Editor - Prompt URL: https://aicodingguild.com/prompts/github-copilot - Lesson URL: https://aicodingguild.com/learn/ai-tools/github-copilot - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 10 - Tags: ai-tools, github-copilot, vs-code, code-completion - Summary: Set up GitHub Copilot for inline code completions and AI-assisted development in VS Code. ```text "I'm using GitHub Copilot in VS Code. Help me get better suggestions for this task: [describe task]. Tell me: 1. what comments or function names I should write first 2. which related files I should open for context 3. when Copilot is likely enough and when I should switch to a stronger multi-file tool 4. what I must review manually before I accept a suggestion" ``` ## Prompt: Tighten My Coding Prompt - Prompt URL: https://aicodingguild.com/prompts/anatomy-of-good-coding-prompt - Lesson URL: https://aicodingguild.com/learn/ai-tools/anatomy-of-good-coding-prompt - Path: Working With AI Tools - Category: Prompt Design - Estimated minutes: 12 - Tags: ai-tools, prompt-engineering, best-practices - Summary: Use this when your current request feels vague and you want the agent to help shape a safer, sharper implementation prompt before files change. ```text **Use this with Cursor or Claude Code before you ask for implementation work:** "Help me tighten this coding prompt before any files are changed. Project context: [stack, app purpose, relevant data model] Goal: [the feature or fix I want] Rough prompt: [paste your current prompt] Rewrite it using these sections: 1. Context 2. Task 3. Specifics 4. Constraints 5. Output Keep the scope limited to one reviewable change. Tell me which assumptions are still missing. Tell me what I must verify manually before I let an agent write code." ``` ## Prompt: System Prompts — .cursorrules and CLAUDE.md Explained - Prompt URL: https://aicodingguild.com/prompts/system-prompts - Lesson URL: https://aicodingguild.com/learn/ai-tools/system-prompts - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, system-prompts, cursorrules, claude-md, configuration - Summary: Write system prompts that give AI persistent context about your project and preferences. ```text **Use this when you want the agent to draft your persistent project instructions:** "Help me write a system prompt file for this project. Tool target: [Cursor / Claude Code / both] Project summary: [what the app does] Stack: [frameworks, languages, key services] Repo conventions: [folders, naming, testing, styling, data access] Constraints: [things the agent must never do] Current phase: [what is already built and what is in progress] Return: 1. A concise `.cursorrules` or `CLAUDE.md` 2. A short list of rules I should not include because they are too vague, too stale, or too noisy 3. A maintenance checklist for keeping this file current as the project changes." ``` ## Prompt: Breaking Big Ideas into Small Tasks — The Decomposition Pattern - Prompt URL: https://aicodingguild.com/prompts/decomposition-pattern - Lesson URL: https://aicodingguild.com/learn/ai-tools/decomposition-pattern - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, prompt-engineering, decomposition, workflow - Summary: Learn why small, focused prompts produce better code than trying to build everything at once. ```text **Use this before you start building a multi-part feature:** "I want to build [feature or app idea]. Break it into 8-12 implementation steps. Requirements for each step: - It must build on the previous step - It must produce something testable - It must avoid mixing auth, billing, schema, and UI redesign into one step - It must name the files or systems likely to change - It must include a short verification check before the next step Start with foundations first. Tell me which steps need my approval before an agent should continue." ``` ## Prompt: Few-Shot Prompting — Teaching AI by Showing Examples - Prompt URL: https://aicodingguild.com/prompts/few-shot-prompting - Lesson URL: https://aicodingguild.com/learn/ai-tools/few-shot-prompting - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 10 - Tags: ai-tools, prompt-engineering, few-shot, examples - Summary: Use examples to teach AI your patterns, styles, and conventions before it writes new code. ```text **Use this when you want the agent to follow an existing pattern instead of inventing one:** "I need a new [component / route / hook / migration]. Use these files as examples: - [file 1] - [file 2] Replicate these aspects: - [imports and file structure] - [error handling pattern] - [response shape or UI composition] Adapt these aspects for the new task: - [field names] - [queries] - [business logic] Before coding, summarize the pattern you see. Call out any inconsistencies between the examples. Stop if the examples appear outdated or conflict with the rest of the repo." ``` ## Prompt: Chain-of-Thought — Making AI Think Step by Step - Prompt URL: https://aicodingguild.com/prompts/chain-of-thought - Lesson URL: https://aicodingguild.com/learn/ai-tools/chain-of-thought - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 10 - Tags: ai-tools, prompt-engineering, chain-of-thought, reasoning - Summary: Use chain-of-thought prompting to get AI to reason through complex coding problems. ```text **Use this for tasks with real logic, architecture, or debugging complexity:** "I need help with [problem]. Before writing code, work in three phases. Phase 1: Think - Explain the problem in plain English - Identify the main rules, dependencies, and edge cases - Point out anything ambiguous or risky Phase 2: Plan - Propose the implementation approach - List files or systems likely to change - Explain how you will verify correctness Phase 3: Code - Do not start this phase until I approve phases 1 and 2 Keep these constraints in mind: [constraints]. Tell me what I must test manually after implementation." ``` ## Prompt: The Anti-Patterns — Prompts That Produce Bad Code - Prompt URL: https://aicodingguild.com/prompts/anti-patterns - Lesson URL: https://aicodingguild.com/learn/ai-tools/anti-patterns - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, prompt-engineering, anti-patterns, mistakes - Summary: Recognize and avoid the most common prompting mistakes that lead to buggy, bloated, or wrong code. ```text **Use this when a conversation with the agent keeps going sideways:** "I am going to paste three prompts that produced bad results. For each prompt: 1. Classify the anti-pattern causing the failure 2. Explain why the prompt created bad code or bad direction 3. Rewrite it into a safer, more specific prompt 4. Add the right constraints, review gates, and stop conditions Use these anti-pattern labels when relevant: mega prompt, vague request, implicit standards, error dump, moving target, trust fall, kitchen sink, outdated assumption. After the rewrites, give me one reusable rule I should add to my workflow so I stop making the same mistake." ``` ## Prompt: The Build-Review-Iterate Loop - Prompt URL: https://aicodingguild.com/prompts/build-review-iterate - Lesson URL: https://aicodingguild.com/learn/ai-tools/build-review-iterate - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, workflows, vibe-coding, iteration - Summary: Master the core vibe coding workflow — generate code, review it critically, and iterate toward your goal. ```text "I want to work in a build-review-iterate loop for this feature. Start with the smallest reviewable slice that proves the approach. After you propose or implement that slice, stop and show me: 1. what you changed 2. what assumptions you made 3. what could still go wrong 4. what the next iteration should focus on Keep each iteration scoped to one to three concrete changes. If we pass five iterations on one feature, tell me to step back and reassess instead of patching blindly." ``` ## Prompt: Review The Diff - Prompt URL: https://aicodingguild.com/prompts/code-review-with-ai - Lesson URL: https://aicodingguild.com/learn/ai-tools/code-review-with-ai - Path: Working With AI Tools - Category: Review - Estimated minutes: 12 - Tags: ai-tools, workflows, code-review, quality - Summary: Use this after an AI-generated change lands so the reviewer focuses on correctness, security, edge cases, and misleading tests. ```text "Review the diff between my branch and `main`. For every finding: 1. label it as must-fix, should-fix, consider, or optional 2. explain why it matters 3. point to the relevant file or code section 4. suggest a concrete fix Prioritize bugs, security issues, missing edge cases, and misleading tests. Do not waste time on style commentary unless it affects correctness or maintainability." ``` ## Prompt: Debug This Without Thrashing - Prompt URL: https://aicodingguild.com/prompts/debugging-with-ai - Lesson URL: https://aicodingguild.com/learn/ai-tools/debugging-with-ai - Path: Working With AI Tools - Category: Debugging - Estimated minutes: 12 - Tags: ai-tools, workflows, debugging, troubleshooting - Summary: Use this when the app is already broken and you need the agent to isolate one likely cause, propose a narrow fix, and define how to verify it. ```text "Help me debug this issue systematically. Feature: [what is broken] Error or symptom: [full message or precise symptom] Expected behavior: [what should happen] Actual behavior: [what happens instead] Steps to reproduce: [exact steps] Relevant code: [paste code] What I've already tried: [list] First tell me the likely root causes in order. Then give me the smallest fix to test first. After that, tell me how I should verify the fix and what related areas I should retest." ``` ## Prompt: Refactoring With AI — Making Code Better Without Breaking It - Prompt URL: https://aicodingguild.com/prompts/refactoring-with-ai - Lesson URL: https://aicodingguild.com/learn/ai-tools/refactoring-with-ai - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 12 - Tags: ai-tools, workflows, refactoring, code-quality - Summary: Use AI to safely improve, reorganize, and simplify existing code without changing what it does. ```text "Help me refactor this code without changing behavior. First explain what the current code does and what parts are risky to change. Then propose the smallest valuable refactoring step. For that step, show me: 1. the files involved 2. what behavior must stay the same 3. what tests or manual checks should prove we did not break anything Do not mix new features into this refactor. If the refactor is too large, split it into reviewable phases." ``` ## Prompt: When to Stop Prompting and Start Reading - Prompt URL: https://aicodingguild.com/prompts/when-to-stop-prompting - Lesson URL: https://aicodingguild.com/learn/ai-tools/when-to-stop-prompting - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 10 - Tags: ai-tools, workflows, learning, understanding - Summary: Recognize when AI stops helping and learn when reading code yourself is the faster path forward. ```text "Do not suggest code changes yet. Help me understand this flow first. Walk me through what happens from [user action] to [visible result]. Reference the key files, functions, and state changes in order. Then tell me: 1. which part I seem not to understand yet 2. what questions I should answer before prompting for a fix 3. whether the better next move is explanation, debugging, refactoring, or a new implementation prompt" ``` ## Prompt: How LLMs Actually Work — For Non-ML People - Prompt URL: https://aicodingguild.com/prompts/how-llms-work - Lesson URL: https://aicodingguild.com/learn/ai-tools/how-llms-work - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 14 - Tags: llm, tokens, context-window, attention, temperature, ai-fundamentals - Summary: Understand tokens, context windows, attention, and temperature without a single equation. ```text "Explain this model behavior in practical coding terms: - why the output changed between runs - why context seems to fade in a long conversation - how I should structure prompts for better focus Use tokens, context windows, attention, and temperature in the explanation, but keep it tied to real development workflows." ``` ## Prompt: OpenAI vs Anthropic vs Open Source — An Honest Comparison - Prompt URL: https://aicodingguild.com/prompts/openai-vs-anthropic-vs-open-source - Lesson URL: https://aicodingguild.com/learn/ai-tools/openai-vs-anthropic-vs-open-source - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 15 - Tags: openai, anthropic, open-source, llama, comparison, ai-models - Summary: Compare the major AI model providers — strengths, weaknesses, pricing, and when to use which. ```text "Help me choose an AI provider strategy for my work. Stack: [describe stack] Task mix: [quick edits, debugging, architecture, code review, private code] Constraints: [budget, privacy, offline needs, existing subscriptions] Recommend: 1. the best default provider 2. when to switch to another provider or model family 3. where open source is worth considering 4. the biggest tradeoffs I should test myself instead of trusting benchmarks" ``` ## Prompt: API Keys, Rate Limits, and Cost Management - Prompt URL: https://aicodingguild.com/prompts/api-keys-rate-limits-costs - Lesson URL: https://aicodingguild.com/learn/ai-tools/api-keys-rate-limits-costs - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 13 - Tags: api-keys, rate-limits, costs, pricing, budget, ai-operations - Summary: Understand AI API pricing, rate limits, budgets, and how to monitor and control your AI spending. ```text "Help me operationalize AI API usage for this app. I need: 1. a secure API key handling plan for local, CI, and production 2. a rate-limit and retry strategy for 429s 3. a budget recommendation 4. guidance on which model tier to use for which task 5. a monitoring checklist so costs do not surprise me" ``` ## Prompt: Fine-Tuning vs RAG vs Prompt Engineering - Prompt URL: https://aicodingguild.com/prompts/fine-tuning-vs-rag-vs-prompting - Lesson URL: https://aicodingguild.com/learn/ai-tools/fine-tuning-vs-rag-vs-prompting - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 14 - Tags: fine-tuning, rag, prompt-engineering, customization, ai-strategy - Summary: Three approaches to customizing AI — when each works, the cost and complexity tradeoffs, and which to try first. ```text "Help me choose between prompt engineering, RAG, and fine-tuning for this use case. Problem: [describe it] Knowledge base size: [small, medium, large] How often it changes: [frequency] Query volume: [approximate] Budget and complexity tolerance: [describe] Recommend the simplest approach that is likely to work, explain why, and tell me what evidence would justify moving to the next level." ``` ## Prompt: Running Local Models — Ollama and LM Studio - Prompt URL: https://aicodingguild.com/prompts/running-local-models - Lesson URL: https://aicodingguild.com/learn/ai-tools/running-local-models - Path: Working With AI Tools - Category: Working With AI Tools - Estimated minutes: 14 - Tags: ollama, lm-studio, local-models, privacy, self-hosted, llama - Summary: Run AI models on your own machine — privacy benefits, performance tradeoffs, setup guides, and when local makes sense. ```text "Design a local AI coding setup for me. Hardware: [CPU/GPU/RAM] Operating system: [OS] Constraints: [privacy, offline use, budget] Typical tasks: [simple coding help, reviews, refactors, chat] Recommend: 1. the best local model size I can realistically run 2. whether Ollama or LM Studio is the better starting point 3. what tool integration I should use 4. which tasks should still go to cloud models if policy allows" ```