Test With Three Fake Users

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-vibecoder-fake-users-test

1. Why is it important to test an application with three distinct user roles (User A, User B, and Admin) rather than just one?

   1. Admin accounts are more powerful so they should be tested first
   2. Different roles expose different permission bugs that only appear when users try to access each other's data
   3. Testing with three users is required by most app stores for approval
   4. User A and User B will always have identical permissions so testing one is sufficient

2. What does 'write the smallest useful scope the agent can finish' mean for AI-assisted development?

   1. Ask the AI to build the entire application in one prompt for efficiency
   2. Define the minimum viable feature set that provides real value before adding more
   3. Have the AI write only code comments rather than functional code
   4. Write the smallest possible code regardless of whether it works

3. What does it mean to 'run the result as a user, not as a fan of the tool'?

   1. Only test the tool on weekends when fewer people are online
   2. Share your results with fans of the AI tool on social media
   3. Test the application from the perspective of an actual end user, not from the developer's assumptions
   4. Celebrate every output the AI generates regardless of quality

4. What three things should you inspect BEFORE sharing an AI-generated feature with others?

   1. Marketing copy, pricing strategy, and competitor analysis
   2. Color scheme, font size, and button placement
   3. The code diff, data access patterns, and failure paths
   4. Social media reactions, download counts, and user reviews

5. Row Level Security (RLS) in databases like Supabase is designed to:

   1. Enforce permissions at the database level so users can only see data they're authorized to access
   2. Automatically generate user interfaces from database schemas
   3. Create visual charts showing who accesses the database most frequently
   4. Make database queries run faster by prioritizing admin users

6. What is 'scope creep' in AI-assisted app building?

   1. Features keep expanding beyond the original plan, making the project unmanageable
   2. The database grows larger than the available storage capacity
   3. The AI gradually becomes more capable over time
   4. The user interface slowly drifts toward outdated design trends

7. Which question should guide AI-assisted development?

   1. What cool features can the AI generate today?
   2. How can I make the app look like a major tech company?
   3. What should the user be able to do when this is finished?
   4. Which programming language is the most impressive?

8. What makes vibe coding different from traditional software development?

   1. The human owns product judgment and safety while AI handles implementation details
   2. Vibe coding eliminates the need for any testing because AI is perfect
   3. All code must be written by humans, not AI
   4. Vibe coding requires formal computer science degrees

9. What does it mean for code to be 'reversible'?

   1. The code can be read from bottom to top without confusion
   2. The application works on both iOS and Android devices
   3. The code can run in both forward and backward directions
   4. You can easily undo changes and return to a working state if something goes wrong

10. What is a 'brittle fix loop'?

    1. A coding pattern that automatically tests itself
    2. A method for securely encrypting passwords
    3. A loop that runs very quickly due to efficient code
    4. A situation where each bug fix creates two new bugs, never reaching stability

11. What should an AI-generated application NEVER expose to unauthorized users?

    1. Public statistics about app usage
    2. The application's color scheme and branding
    3. The name of the AI model used to generate the code
    4. Private user data, admin functionality, or data belonging to other users

12. What is the key skill that separates beginners from experienced developers when using AI?

    1. Turning AI demos into observable, reversible, and safe products
    2. Memorizing thousands of code examples
    3. Knowing how to ask the AI to do things
    4. Writing longer and more detailed prompts

13. A proper test for a permission change should:

    1. Work perfectly the first time since AI generates correct code
    2. Verify that users can only access what they're authorized to access and cannot see restricted data
    3. Be skipped if the change seems simple
    4. Only test positive cases where access is granted

14. Why is 'naming the job before naming the tool' important?

    1. Tool names are copyrighted and must be handled carefully
    2. It makes the AI generate code faster
    3. Jobs cannot be named after tools for legal reasons
    4. It ensures you understand what you're building before deciding how to build it

15. What is 'hidden public data' in the context of app security?

    1. Public data that is encrypted with a hidden key
    2. Data that has been intentionally deleted but still appears in search results
    3. Data that is publicly visible but should be private, often due to misconfigured permissions
    4. Marketing materials that companies prefer not to publicize