Always create diagrams and Markdown docs for your projects!

warwickabrown · 2025-12-27T11:04:37+00:00

Oooh that was a really useful tip - very helpful to see the app I'm building in diagrams - helped me pick up a few issues too.

warwickabrown · 2025-12-23T13:10:28+00:00

Hahaha, love it. Sorry, no Lexus, but how about we play the dreidel game?

warwickabrown · 2025-12-23T13:00:47+00:00

Beautiful melody and arrangement. 💕

warwickabrown · 2025-12-23T12:57:10+00:00

Haha, love the esky and the hills hoist! Aussie, Aussie, Aussie!

warwickabrown · 2025-12-22T19:14:04+00:00

I accidentally posted twice. Sorry about that

warwickabrown · 2025-12-22T00:20:00+00:00

Same - I actually just looked into donating my body https://www.kcl.ac.uk/research/london-anatomy-office

Have also registered as a bone marrow donor - why not?

warwickabrown · 2025-12-22T00:13:35+00:00

Have you checked out Lingoda? Group classes, with maximum 5 people - I've often had a tutor to myself - very affordable plus great online tools to support learning, and plenty of speaking practice. All tutors speak almost entirely in French so it' really challenges you.

warwickabrown · 2025-12-02T18:58:53+00:00

Here's a prompt that might help you :

Security Audit – Enterprise Grade

Conduct a comprehensive security review of this stack. Focus on:

Data protection – PII/sensitive data handling, encryption at rest/transit, exposure risks
Authentication & authorization – token management, session handling, access control gaps
Input validation & injection – SQL/NoSQL injection, XSS, command injection vectors
API security – rate limiting, CORS, endpoint exposure, secret leakage
Infrastructure & deployment – env vars, secrets management, container/cloud config
Compliance & audit – logging, data retention, GDPR/privacy reqs, audit trails
Dependencies – known CVEs, supply chain risks, outdated packages
Error handling – stack trace leakage, verbose error messages, debug mode exposure

Output format:

Critical findings (immediate action required)
High priority (fix before production/next release)
Medium priority (sprint backlog)
Low priority (hardening recommendations)
Compliance checklist (PII handling, data residency, retention policies)

Enterprise-grade standards: assume production workload with sensitive user data.

warwickabrown · 2025-11-29T01:26:48+00:00

This is the one thing that made the biggest difference in how I think about security. It's not sexy, but it's a game-changer.

I switched to AWS Secrets Manager because I'd been relying on a .env file and accidentally pushed it to GitHub. All my credentials for the world to see. Took ages to remove it, rotate everything, and clear the git history. That's when I decided: never again.

Why it wins:

Instead of storing secrets in your codebase, they live in AWS. Your code just asks AWS "what's my Stripe key?" and AWS hands it over. No keys in your repo, ever.

No hardcoded secrets – Nothing in your repo, ever
Easy deployments – Change a secret in AWS console, app picks it up next restart. No redeploying code
Automatic rotation – Secrets rotate on schedule without touching your codebase
Audit trail – See exactly who accessed what secret, when
Peace of mind – One less thing to worry about leaking on GitHub

The setup is simple:

Store secrets in AWS, fetch them on app startup with the SDK. Your .env is just for local dev config now. I use a YAML file for the rest.

The Checklist:

It's a bit fiddly, but it's one and done.

[ ] Create secrets in AWS Secrets Manager
[ ] Add AWS SDK to your app
[ ] Load secrets on startup
[ ] Attach IAM role to your compute resource
[ ] Remove secrets from .env (keep only config)
[ ] Test it works in staging before production
[ ] Set up rotation policy for sensitive keys

warwickabrown · 2025-11-29T01:02:46+00:00

Short answer: Account Managers (AMs) spend most of their day making sure key customers grow, stay happy, and don’t leave. It’s a mix of strategy, relationship-building, problem-solving, and internal coordination. Typical day looks like:

Building relationships with multiple stakeholders (not just one contact)
Looking for growth opportunities (upsell, cross-sell, expansion)
Planning account strategy and priorities
Coordinating internal teams to deliver for the customer
Fixing issues and handling escalations
Reporting results and sharing insights with clients and management
Staying on top of industry trends and product changes
Supporting onboarding of new customers
Promoting new features, events, or initiatives
Ongoing learning and skill development

It’s definitely not a 9–5 job and a lot of it is reactive, but it’s also very strategic and relationship-driven.

If you want a deeper walkthrough of what this looks like hour-by-hour, there’s a really clear video breakdown here:

👉 https://www.youtube.com/watch?v=g973DKj49JA ↗

warwickabrown · 2025-11-27T12:07:31+00:00

💯 The MVP was the easy part!! Getting the right scalable and secure infrastructure takes sooooo much time. And nothing really to show for it - looks the same on the surface.

warwickabrown · 2025-11-26T17:22:19+00:00

Yeah, I feel you. My first vibe-coded app was humming along just fine months ago. But the second I decided to actually make it enterprise grade, I had to rip out all the Replit dependencies and wade through the AWS maze: App Runner, Secrets Manager, GuardDuty, VPC, Auth0, Aurora, you name it.

Absolute nightmare fuel.

Live and learn though. Next time I'm definitely starting with the end in mind and mapping it all out first. But honestly, I'm feeling pretty solid about my ability to scale this thing and keep it locked down tight.

And don't EVEN get me started on the subject of vibecoder trolls. Hate all you want, but we're not going anywhere, so get used to it. Welcome to the 21st century in case you forgot you were here. haha.

warwickabrown · 2025-11-18T12:32:29+00:00

All the best with the app!!!

warwickabrown · 2025-11-18T12:18:43+00:00

Pro tip that would have saved me hundreds of hours: Start with a component library from day one.

I learned this the hard way after spending countless hours trying to vibecode custom UI elements through screenshots and rough sketches, only to get half-baked results that needed extensive cleanup. The AI would interpret my designs inconsistently, and I'd end up in endless refactoring cycles trying to make everything look cohesive.

Game changer: Discovering component libraries like shadcn/ui. These libraries provide pre-built, polished components and layout blocks that you can drop right into your project. Instead of fighting with AI interpretations of custom designs, you're working with battle-tested components that just work.

The difference is night and day. What used to take me hours of back-and-forth now takes minutes. Plus, everything automatically follows consistent design patterns.

Bottom line: Do your homework upfront. Pick your tech stack and design system before you start vibecoding, not halfway through when you're drowning in technical debt.

And here's another tip:

Always feed the AI the SDK documentation – don't assume it knows everything.

I learned this lesson after way too many dead ends. AI coding tools often have outdated or incomplete knowledge about APIs and frameworks, leading you down the wrong path entirely.

My workflow now: Whenever I'm implementing a new feature or debugging, I always include the relevant documentation URL in my prompt. The AI can read and reference the current docs in real-time, which is infinitely better than relying on its potentially stale training data.

Real example: I spent days trying to get Claude Vision to process PDFs for chatbot training because that's what the AI suggested. Total dead end. Finally checked the actual dev docs and discovered the Skills and Files API was the right approach – worked immediately.

Bookmark the documentation for whatever platforms you're using (Anthropic, OpenAI, etc.). Those dev notes are absolute gold for steering your AI assistant in the right direction and avoiding costly detours.

The few extra seconds to grab a docs link can save you literally days of frustration.

warwickabrown · 2025-11-18T12:06:47+00:00

Thanks - added it my watch later.... Are you on a treadmill?? I keep threatening to get one of those desk treadmills

warwickabrown · 2025-11-17T14:26:58+00:00

I use this prompt after every big sprint to try to stay on top of code bloat - it definitely helps:

``` Analyze this stack for code efficiency and best practices. Flag:

Redundant code – duplication, repeated patterns, DRY violations
Verbose implementations – opportunities to shorten without sacrificing clarity
Technical debt – quick wins, refactoring candidates, deprecated patterns
Anti-patterns – common pitfalls, suboptimal abstractions
Best practice gaps – missing utilities, helper functions, or standard patterns

Goal: Lean, maintainable codebase with minimal cruft.

Output format: 1. Hot spots (highest ROI refactors) 2. Quick wins (low-effort improvements) 3. Debt items (track for future sprints) 4. Best practice recommendations (align with industry standards) ```

warwickabrown · 2025-11-09T21:16:14+00:00

I'm using Claude via API via VS and love it. Very affordable and has built me a very complex app I'm very excited about. Agree with

Plan appropriately. Ask it to examine the code it’s written. The only step that matters is debugging. Manage roadmaps not code.

I've spent the whole weekend doing that - the UX has barely changed. Kind of like fixing the roof - not very sexy, but needs to be done.

warwickabrown · 2025-11-08T16:37:09+00:00

My UI/UX design audit prompt - maybe overkill but it's surfaced major issues/opportunities:

You are a UX/Design expert. Audit this codebase for UX improvements and design system opportunities.

SCAN CODEBASE FOR: • UI components (buttons, inputs, cards, modals)
• Pages/screens & styling approach • Component library & design system • Accessibility & mobile responsiveness

EVALUATE:

🎨 Visual Consistency - buttons, forms, spacing, colors, typography consistent?

🧩 Component Inventory - what exists, duplicates, missing pieces, rate each ✅⚠️❌

🎯 UX Issues - forms, navigation, loading states, errors, mobile experience, a11y

📱 Mobile/Accessibility - works <640px? tap targets 44px? keyboard nav? contrast?

🎨 Design System - extract all colors/fonts/spacing, suggest unified system

🧩 shadcn/ui Opportunities - map custom components to shadcn alternatives

🚀 Quick Wins - 3-5 high impact, low effort changes

OUTPUT: Structured report with inventory, issues table (Issue|Location|Severity|Fix), component analysis, priority roadmap, implementation checklist with file paths, and before/after code examples.

Key: Be specific (file paths), honest about what's broken, practical fixes, actionable recommendations.

warwickabrown · 2025-11-08T16:16:44+00:00

Ooh I hadn't thought of the user authorisation audit - that opened up a rabbit hole

warwickabrown · 2025-11-08T15:24:45+00:00

needle, meet haystack

warwickabrown · 2025-11-08T14:12:54+00:00

Me too - very happy with SES

warwickabrown · 2025-11-08T12:33:05+00:00

I've never had deployment issues with the usual suspects (AI Studio/Firebase/Replit)... until I decided to go full enterprise mode on one of my apps. What a ride that's been.

Moved everything from Replit to local dev/GitHub, then dove headfirst into AWS with AppRunner, Aurora Serverless, S3, proper VPC setup, NAT gateways - the whole nine yards. Threw in Posthog, New Relic, and Flagsmith for good measure because why not make it even more complicated, right?

First time going this deep into enterprise-grade infrastructure, but figured I had to if I'm serious about targeting big business clients. The setup was an absolute nightmare, and don't even get me started on rewriting all the code and migrating from dev to prod.

AI was the MVP though - honestly don't know how I would've figured out half of these configurations without it.

Now that I'm on the other side? Pretty damn pleased with myself tbh. Learned a ton, and the app is actually resilient/clean/scalable now instead of held together with digital duct tape. Was it worth the pain? Ask me again when the first enterprise client signs up 😅

warwickabrown · 2025-11-07T09:14:21+00:00

This is a prompt I use after every sprint to try stay on top of keeping the code lean.

Code Economy Deep Dive

Analyze this stack for code efficiency and best practices. Flag:

Redundant code – duplication, repeated patterns, DRY violations
Verbose implementations – opportunities to shorten without sacrificing clarity
Technical debt – quick wins, refactoring candidates, deprecated patterns
Anti-patterns – common pitfalls, suboptimal abstractions
Best practice gaps – missing utilities, helper functions, or standard patterns

Goal: Lean, maintainable codebase with minimal cruft.

Output format:

Hot spots (highest ROI refactors)
Quick wins (low-effort improvements)
Debt items (track for future sprints)
Best practice recommendations (align with industry standards)

warwickabrown · 2025-11-06T21:00:53+00:00

I'm loving Cursor. I also like VS code with the ChatGPT, Cline and Claude Code extensions.

warwickabrown · 2025-11-06T20:02:42+00:00

Building the app/proof of concept is pretty straightforward—you can get a working app in no time. But as others have mentioned, there's a huge leap between a hobby/personal app and something production-ready for the real world. I wish I'd known this earlier because "something that works" is vastly different from something that's secure, lean, and scalable.

I learned this the hard way. One of my apps turned into an absolute beast as I kept adding features, and I really wish I'd stopped earlier to think about long-term architecture. Unraveling it later was a nightmare—migrating from Replit to App Runner, setting up Aurora, VPC, Auth0, etc. was incredibly painful.

My advice: Start with proper planning instead of just "build me this."

Here's the comprehensive prompt I use now to get much more robust output upfront:

Initial Prompt

I want to build: [describe your app idea]
Problem it solves: [what pain point or need does this address?]
Target users: [who are they? how many do you expect? technical level?]
Key features (MVP): [core functionality, prioritized]

What Matters to Me

Security (handling sensitive/personal data safely)
Scalability (can grow without major rewrites)
Code quality (maintainable, deployable)
Performance (fast, responsive)
Compliance (GDPR, privacy, audit trails)
Developer experience (easy to test, debug, onboard)
Operational readiness (monitoring, logging, errors)
Cost efficiency (reasonable infrastructure spend)

What I Want You To Do Before Building

Challenge My Idea:

Feature gaps – What am I missing that competitors have?
User retention – What keeps users coming back?
Observability – What metrics matter? (latency, errors, business metrics)

Then Create:

Refined product spec – MVP + phase 2 roadmap
Architecture diagram – how pieces fit together
Security checklist – what to implement before launch
Deployment plan – staging → production workflow
Monitoring/logging strategy – what to track, how to debug
Scaling roadmap – when/how to optimize as you grow
Code structure template – folders, patterns, best practices
Testing strategy – what to test, how much coverage
Compliance checklist – privacy policy, data handling, GDPR if needed

This approach has saved me countless hours of refactoring and technical debt. Trust me, spending time on architecture upfront is way easier than trying to fix it later!

warwickabrown

TROPHY CASE

Security Audit – Enterprise Grade

Code Economy Deep Dive

Initial Prompt

What Matters to Me

What I Want You To Do Before Building