G
Guy
Guest
We just shipped working, secure code to production.
It was written by Claude.
But only after I locked it in a container, stripped its freedoms, and told it exactly what to do.
This isnβt an AI-generated brag post.
This is an explanation of what happens when you stop treating LLMs like co-founders and start treating them like extremely clever interns.
The Problem: Vibe Coding Is Chaos
If youβve ever prompted AI to βbuild me a secure backendβ, then youβve experienced:
- Hard-coded secrets
- No config separation
- Auth hacked together
- Layers in the wrong places
- Database logic in controller methods
- Security that is more reminiscent of a first-year student project
It _feels _impressive. But the output is not shippable.
I once tried building a Monkey-Island-style game with Claude at 2am just for fun. It ended with me screaming at a yellow rectangle on an HTML canvas.
Fun? Yes.
Useful? Not remotely.
The Insight: Claudeβs Not the Problem, You Are
Claude is phenomenally good at code generation if you feed it the right prompts, at the right level of granularity, and in the right order.
When I use it personally, it acts as a co-architect. I bounce ideas off it, I get help debugging and sometimes it even surprises me with novel solutions (like using inherited env vars + process scanning for child cleanup across Windows/Linux).
But left to its own devices on a complex problem or wide-open scope?
Chaos.
The gap isnβt capability, itβs orchestration.
Soβ¦ I put Claude in jail. Hereβs what I did:
Claude gets containerized
A clean, temporary dev environment. No Git credentials. Limited network access. No escape.
Start with a user story
Human developers arenβt expected to work off a one-line mission statement, so why should AI be any different? I feed it a detailed user story that a human developer would be happy with.
Chain-of-thought agent breaks down the work
βBuild a login systemβ becomes 20+ sub-tasks: token handling, session state, role config, browser caching, etc.
Claude gets micromanaged step-by-step
Each sub-task is prompted as a mini workflow: analyse β code β fix β verify
Final Claude pass reviews everything
It outputs a structured JSON diff with explanations.
We converted that to a GitHub PR
A human reviews. If itβs clean, we merge. If not, we loop until weβre happy.
Every time the task ends, the Claude container is destroyed.
No memory of past sins. No rogue commits.
Clean. Contained. Effective.
The Result?
- 15β20 minutes per story
- PRs that pass internal review
- No vibe coding
- Shippable code with zero hallucinated libraries or misaligned assumptions
Itβs slower per interaction than just βask it to codeβ β but way faster overall.
Less rework. Less debugging. More trust in what comes out the other end.
Can You Do This Too?
If you're expecting GPT or Claude to magically build your app from a one-line prompt, you're going to be disappointed.
But if you're willing to:
- Break tasks down
- Containerize your AI workflows
- Build orchestration logic
- And treat your LLM like a task-executing machine, not a co-pilot
...then yes, it can code for you. And you can ship it.
The Big Question
Donβt think of AI as a replacement. AI is the intern. Orchestration is the manager. And humans are still the ones deciding what matters.
But hereβs what I keep asking myself, and Iβd love to hear your thoughts:
What do you think?
Want to See the Whole Architecture?
I wrote up a full 3-part breakdown of the system, including failures, lessons, and technical design:
Why I Put Claude in Jail
Read Part 1 on Substack β https://powellg.substack.com/
Itβs funny, raw, and surprisingly useful. Part 3 includes a detailed breakdown of the orchestration model and how we integrated Claude into our platform.
TL;DR
LLMs aren't co-founders. They're interns.
Give them tight specs, step-by-step instructions, and no keys to prod.
We built a jail for Claude. And now it ships production-ready code.
Let me know if you want beta access - weβre opening testing soon and would love to get your feedback.
Continue reading...
