
The Vibe Coding Hate Is Justified. For All The Wrong Reasons
The backlash against vibe coding is justified, just that the reasoning for it isn’t. Here’s the actual case against vibe coding no one is making.

The following content in this article is not legal advice, and is meant for informational and educational purposes. If you have questions about how the Texas Responsible Artificial Intelligence Governance Act (TRAIGA) applies to your business or current legal situation, please consult with a licensed and certified attorney in your jurisdiction.
Most Texas businesses don’t know this, but a new Texas AI law has been in effect since January 1, 2026. In seven weeks at the time of writing, broader enforcement will kick in on September 1, 2026 as the Attorney General will have their complaint portal live on their website. Each violation carries penalties ranging from $10,000 to $200,000 fines.
As of 2025, there are 3.5 million small businesses across Texas. Furthermore, 58% of businesses nationwide use AI while 77% of them who are already using AI will have a significant negative impact on their operations with regulations in place based on survey statistics by the US Chamber of Commerce.
I build AI agents and custom software for a living, having done so since I was 16 years old. I recently deployed B.E.N.N.Y. on my project management/CMS software, J.A.L.E., which I discussed in my previous article. While AI can create significant opportunities for businesses, such as income generation and lead increases, the way in which the systems are designed and the manner in which AI solutions are implemented must consider several important factors, such as transparency, human oversight, and responsible usage.
To provide a brief summary, TRAIGA (also known as the Texas Responsible Artificial Intelligence Governance Act) is a law that covers a broad range of protections and rights for Texas residents. Most importantly, it covers how AI is utilized by both developers and businesses within the state. TRAIGA mandates that AI is not to be used to infringe the rights of individuals, nor to discriminate, manipulate, or distribute prohibited content, such as sexually exploitative images or texts.
Because of the broadness of TRAIGA, which was further explained in an article written by Norton Rose Fulbright, the law applies to anyone who engages in the promotion, advertising, or does business in Texas by distributing any form of AI. The law also extends to both the deployer (the individual or entity who deploys the product for use) and the developer (the person who creates the AI product to be distributed to the consumer base).
TRAIGA doesn't just apply to Texas-based businesses only. Any other entity that brings their operations to Texas, whether it's part of an expansion, relocation, or branching effort to promote their business, is automatically subject to the state's laws. In other words, if they are from states such as Washington, California, or New York, and want to expand their AI product line to Texas, they are legally obligated to comply with requirements. The same also applies if they're offering and distributing AI systems remotely or if a Texas resident utilizes it.
On the AI side, TRAIGA also covers a broader scope of what AI is. According to the law firm, Greenberg Traurig, the law defines AI as a machine-based system that utilizes or "infers" from inputs it receives to determine the generation of outputs, decisions, predictions, or recommendations.
Lastly, the law also covers a crucial aspect that subjects both individuals and entities to penalties: discrimination. The Texas Attorney General’s website makes this very clear as the authority executing this law: an individual or entity is prohibited from developing an AI system or any form of AI software that clearly and intentionally discriminates against a protected class. One notable distinction that the law makes compared to other AI discrimination laws across the country is that Texas does not count disparate impact as discrimination unless said individual and/or entity in question intentionally discriminated against the affected party.
For example, a company going by the name Test Business LLC decides to purchase an AI product from a third-party vendor whose name is Shady AI Systems Inc. This AI product is a fully automated workflow that manages their daily operations, such as handling income, generating sales reports on how much was gained or lost during Q1 through Q4, managing employees, conducting payroll, etc.
However, Shady AI Systems does not disclose the discrepancies with their software, especially in the employee management section.
Since Test Business LLC has two or three older employees who have been in the trade for more than 20 years, the system is more likely to flag them for cuts to their hourly schedule compared to their younger employees, who by contrast, get awarded more hours compared to their more experienced peers.
At first glance, it may seem that Shady AI Systems, who is the developer and the vendor of this product, may have unintentionally deployed their latest version without realizing that there was a bug that led to this issue. This makes the case for disparate impact.
However, in this scenario, unbeknownst to Test Business LLC, their vendor has a history of developing systems that tend to discriminate against older employees, which has been recorded in several public complaints and lawsuits against the company. This revelation alone is exactly what would draw the scrutiny of the Texas AG’s office due to a potential violation of the anti-discrimination clause in TRAIGA.
However, due to Test Business LLC’s failure to conduct a background check on their vendors, it will make it harder for them to argue to the Texas Attorney General’s office that they didn’t intend to discriminate against their employees. Because they didn’t ask their vendors for documentation, any history of failures, or the process in which the model follows to make their decisions regarding the sections it covered, they won’t have the documentation to prove that they didn’t intend to discriminate.
TRAIGA has a section where businesses can protect themselves if a situation similar to the scenario above occurs. By documenting their interactions with their vendors and/or developers who contributed to the AI systems they’re using, they’re essentially following a framework established by the NIST, commonly known as the NIST AI Risk Management Framework.
This framework is helpful for businesses whenever they are subject to questioning by the Texas AG’s office, allowing them a chance to come forward with their own evidence proving that they conducted their due diligence and did not show any intention to discriminate or violate any aspects of TRAIGA.
In the case of Test Business LLC, however, it makes it harder for them to argue their innocence since they never recorded any information regarding their interactions with Shady AI Systems Inc., nor did they note down the performance issues they observed or the complaints coming from their older employees.
I previously mentioned in my vibe coding piece that I published two weeks ago at the time of writing this article that whoever uses AI-generated code still bears responsibility for how it’s used, even if an AI generated it for them. A similar concept of due diligence applies for both individuals and entities using AI products whether they bought it from a third-party or had it developed themselves. Businesses who engage in this practice have a legal and moral obligation to check whether the product that they’re using is safe and sustainable for them in the long-term.
With TRAIGA in place and the Texas AG’s office planning to publish their complaint portal for the new law on their site in September 2026, the stakes couldn’t be higher. Otherwise, they’re going to be ending up in situations similar to the Test Business LLC example.
I want to close off by stating that I wrote this piece because I want business owners to be aware of the risks that they’re taking if they’re not compliant with the regulations set by the new law that took effect in the beginning of this year. As a software engineer and AI developer who’s been building systems since high school at the age of 16, I’ve seen the impact they can have on not just on the business itself, but also on consumers who utilize these products for their daily lives and operations. It’s important to consider the fact that you must always check either with your vendor/seller or with your development team if there are any risks associated with the product, because in the future, if you have a claim against you or find something is off, you must always have proof in hand.
That’s the same process I always follow when I develop software or whenever I’m writing pieces like these. Trust, but verify. Always. Never get comfortable.

Ruben Christopher Arevalo
Software Engineer & Founder · Ruben Arevalo AI & Software Studio
Software engineer with 8+ years of experience, building custom AI systems, web applications, and internal business software for businesses in the Rio Grande Valley and across Texas.
Learn more about Ruben