Everyone's a Developer Now (And That's the Problem)

The people who know the dangers are getting laid off. The people who don't are building the systems.

I’ve been adjacent to technology for nearly thirty years. I started building websites in 1996: HTML, CSS, the basics. I serve on the board at Blue Letter Bible and have been the technical director at Enduring Word, where I’ve both built and managed development for platforms with millions of users. I’m not a software engineer and I’ve never claimed to be. But I’ve been close enough, long enough, to know where my knowledge ends.

When AI hit, I went deep. Purdue’s Generative AI program. Building products at Nomion AI. Doctoral work in AI ethics at Southern Seminary. I understand how these models work at a level most people don’t, including a lot of career engineers who are still figuring out whether to trust these tools at all.

But I also have career engineer friends I call when I need a gut-check on security architecture, blast radius, regulatory compliance. I know what I don’t know, and I know who to call.

Here’s the problem. Most of the people now building software with AI don’t know enough to know they need that call. And the people who could have told them? They’re getting laid off.

Three Groups, Nobody With the Full Picture

The conversation right now gets framed as engineers versus vibe coders. That’s too simple. There are actually three groups, and none of them has the complete picture.

Career engineers know security. They know architecture. They know what happens when a system fails at scale, because they’ve watched it happen. They learned it the hard way, on teams, from senior engineers who had been burned before them, who passed down their scar tissue like an institutional inheritance. But many of them haven’t had the time or incentive to go deep on AI itself. Some aren’t using it at all. Others are using it the way they’d use a slightly faster Stack Overflow, not in the transformative way that would actually justify their salary in Jensen’s new math. They know what good software looks like. They don’t necessarily know what good AI integration looks like. And they’re the ones getting cut.

Vibe coders can use Replit, Lovable, or Cursor to ship working software over a weekend. They solve real problems for real people. But they don’t understand AI at a technical level either. And they definitely don’t know security. They’ve never heard of prompt injection. They don’t know what a blast radius is. They don’t know what they don’t know, and nobody’s around to tell them.

Then there are people like me. Non-engineers who went deep on understanding AI itself. I understand the model layer in ways that even some career engineers don’t. But I rely on my engineer friends for the security blindspots, the compliance questions, the things you only learn by watching production systems break at 2 a.m.

Nobody has the full picture. That’s the point. And the system we’re building assumes somebody does.

Salaries Become Servers

Jensen Huang, CEO of NVIDIA, laid the math out on the All-In Podcast in March. His logic was precise and unsentimental: “If that $500,000 engineer did not consume at least $250,000 worth of tokens, I’m going to be deeply alarmed” (All-In Podcast, 2026). NVIDIA is targeting $1–2 billion in total token spend across its engineering organization in 2026 (All-In Pod on X). The implication isn’t subtle. If an engineer isn’t leveraging AI at massive scale, they’re underperforming. And if a smaller, AI-augmented team can match the output of a larger human team, the math demands cutting headcount.

Salaries become servers.

The Q1 2026 layoff data tells you this isn’t theoretical. Block, the parent company of Square and Cash App, cut approximately 4,000 employees, somewhere between 40–50% of its global workforce. The detail that matters: Block ran parallel teams, human versus AI-augmented offshore. The AI teams outshipped the human teams 3:1 in feature velocity. Engineers were asked to train AI systems on their own workflows and codebases, then were let go once the AI proved faster and cheaper (Block insider details via @TechLayoffLover; additional context via @TheGeorgePu). That is not abstraction. That is what happened.

Meta cut roughly 15,800–16,000 employees, over 20% of its workforce, citing “AI-driven efficiency” (Reuters, March 14, 2026). Atlassian cut approximately 1,600, about 10% of its workforce, in an explicit “AI pivot” (via @hawking2023). Salesforce dissolved its entire frontend engineering team and replaced them with offshore contractors using AI coding assistants.

I’ve written about the commoditization of engineering labor in Software Is a Commodity Now and about what happens when skilled workers exit the system in When the Builders Stop Building. The pattern I described in those pieces is now accelerating. These aren’t just cost cuts. They’re structural bets. And the bets are paying off in the short term, which is exactly what makes the longer-term question so uncomfortable.

The Case for Democratization (And Why It’s Not Stupid)

The temptation when writing about risk is to skip past the genuine good that’s happening. I won’t do that.

The case for vibe coding is real. Small businesses have been priced out of custom software for decades. A plumber, a florist, a two-person accounting firm: they couldn’t afford a $150-per-hour developer to build a scheduling system or a customer database. Now they can build one themselves in a weekend with Claude or Cursor or Replit.

That’s not nothing. That’s actually significant.

The productivity gains are measurable. For simple CRUD applications (create, read, update, delete: the basic operations of most business software), internal tools, and workflow automation, a 3–5x output acceleration is not hype. The small business owner’s app works. His customers use it. His costs dropped.

This is democratization in the truest sense. The tools of production, once gatekept by credentialed professionals, are now accessible to anyone with a prompt and a problem to solve. And the historical analogy the optimists reach for is genuinely compelling: desktop publishing, spreadsheets, website builders. In each case, professionals screamed about quality. In each case, the world got more documents, more analysis, more websites. Most of it was fine. The gatekeepers were wrong about the catastrophe.

Dario Amodei, CEO of Anthropic, has said AI could eliminate 50% of entry-level white-collar jobs within one to five years (via @MyLordBebo; via @aiedge_). The flip side of that claim: the work doesn’t disappear. It gets redistributed to people who previously couldn’t do it. That redistribution has real value. As I explored in The Productivity Trap, the question isn’t whether productivity gains are real. They are. The question is whether they translate to human flourishing, and what they cost along the way.

So let me be clear: the democratization argument is not stupid. It’s not even wrong, exactly.

The question is what it’s missing.

What Nobody Told the Builder

A badly designed brochure doesn’t get you hacked. That’s where the historical analogy breaks.

Desktop publishing democratized layout and design. The worst-case scenario was an ugly newsletter. Vibe coding democratizes software creation. The worst-case scenario is a data breach that exposes your customers’ personal information, financial records, or medical data to anyone who knows where to look. The risk profile is categorically different. And the people building these systems don’t know enough to know what they don’t know.

Let me tell you what I’m seeing.

Prompt injection. Say a small business builds a chatbot that takes customer questions and passes them to an AI on the backend. Seems harmless. But that input field is a door. A malicious user can type something that doesn’t look like a question at all; it looks like an instruction. And the AI follows it. It reveals its own system instructions. It leaks data it was supposed to protect. It performs actions nobody authorized. The business owner has no idea this is possible. Why would he? He’s a florist. Security researcher Nagli, Head of Threat Exposure at Wiz, documented vibe-coded apps leaking over 35,000 emails and API keys through exposed databases with no security rules applied (via @galnagli; Wiz blog). A separate investigation found that Moltbook, a vibe-coded application, exposed 1.5 million authentication tokens. The Tea App leaked 72,000 government IDs (via @akshay_pachaar). Escape.tech’s research identified 2,038 critical vulnerabilities across 1,400 vibe-coded applications (via @RamMohanReddyX).

No walls between the parts. Professional engineers build systems with separation. The database doesn’t talk directly to the user interface. Different parts of the system have different permissions. If one piece breaks, the damage stays contained. Amateur-built apps often have none of that. Everything touches everything. The database connects directly to the frontend. There’s no rate limiting on the API. The login system, if it exists at all, doesn’t check what data a given user is actually allowed to see. When it fails, it fails completely. Security researcher Marco Porracín documented finding the same login bypass vulnerability repeatedly across different vibe-coded apps, each time gaining access to the full database with a single exploit (via @marcoporracin). Not partial access. Full access. Every record. Every time.

Compliance exposure. This is the silent killer. HIPAA, PCI-DSS, GDPR. A small medical practice that builds its own patient scheduling app with an LLM may be creating legal liability it can’t see, can’t price, and can’t insure against. The app works. The patients use it. And the practice has no idea it’s violating federal data protection law.

PurpleIris reported that 45% of AI-generated code introduces security vulnerabilities (via @PurpleIrisHQ; PurpleIris blog). Harshil Tomar’s post listing “30 security rules every vibe coder ignores” got 1,417 likes (via @Hartdrawss). Which means the people who need it most probably didn’t see it, and the people who liked it already knew.

Here’s what keeps me up at night. These aren’t things you learn by reading a checklist. They’re things you learn by being burned, by doing code review, by working on a team where a senior engineer says “never do it that way, and here’s why.” The people who learned those lessons through years of professional practice are the ones getting laid off right now. As I wrote in The Pipeline Paradox, if the senior engineers are gone, who teaches the next cohort what they don’t know?

We are not just losing jobs. We are losing institutional knowledge about how software fails.

“There is a way that seems right to a man, but its end is the way of death” (Proverbs 14:12, NKJV).

The Small Business as the Blast Radius

The enterprise can absorb a security incident. Fortune 500 companies have legal teams, cyber insurance policies, incident response protocols, and PR departments. A breach is a bad quarter. It’s an earnings call footnote. It’s a CISO resignation and a remediation budget.

A small business has none of that.

The small business owner who built a customer database app with Claude doesn’t have a Chief Information Security Officer. Doesn’t have a penetration tester. Doesn’t have anyone to call when customer data shows up on a dark web forum. Their customers, often other small businesses or individual consumers, are the ultimate blast radius. Studies consistently show that small businesses rarely survive significant data breaches; the combination of remediation costs, legal liability, and reputational damage is frequently terminal.

You see the irony? The small business gets the 3-5x productivity gain. Gets the competitive advantage. Gets the app that works. And gets the liability it can’t see, can’t price, and can’t insure against, because it doesn’t know the liability exists. Peter Diamandis estimated that 20–50% of 70 million US office workers could be displaced by AI (via @PeterDiamandis). The people who might have provided security oversight for these new amateur-built systems are in that displacement pool.

This is not an argument against small businesses using AI tools. It’s an observation that the ecosystem around those tools (security review, compliance guidance, professional oversight) has not scaled with the adoption curve. I explored this kind of distribution shift in Mean Shift: when the center moves, the people in the tails are the ones who get hurt first.

The tools democratized faster than the wisdom did.

The Great Inversion

We have inverted the traditional relationship between competence and access.

Think about every other domain where the tools are dangerous. Surgeons, pilots, structural engineers, nuclear plant operators: the more dangerous the tool, the higher the credential bar. This wasn’t gatekeeping for its own sake. It was a recognition that power without understanding is a liability, not an asset.

AI has done the opposite. It has given the most powerful software-building capability in history to the people with the least training in software failure modes. And it has simultaneously removed the credentialed professionals from the system.

The Block engineers who trained AI on their own workflows and were then cut didn’t just lose jobs. They transferred their institutional knowledge into a system that then replaced them. The knowledge is still there, encoded in the model’s training data and fine-tuning. The judgment about when and how to apply it is not.

Is this anyone’s fault in a simple sense? Jensen’s math is correct. The productivity gains are real. The small business owner is rational. The AI companies are building what the market demands. And yet the aggregate result is a system that is simultaneously more productive and more fragile. As I wrote in The Dark Mirror of Genesis, there is a pattern in human history of building without understanding consequences, of creating without the wisdom to steward what we’ve created. And in The Oldest Lie in the Newest Language, I traced how new technology consistently repackages the oldest human tendencies: the belief that capability is the same as competence, that “I can” answers the question of “I should.”

Genesis 11:6 records God’s assessment at Babel: “Indeed the people are one and they all have one language, and this is what they begin to do; now nothing that they propose to do will be withheld from them” (NKJV). That verse is usually read as a warning about human ambition outpacing human wisdom. Mathematics and code are the new one language. We have, in a meaningful sense, reversed Babel. Our creative capacity, made in God’s image, is now nearly infinite when unified by a common digital language. The question has never been whether we can build. The question is whether we understand what we’re building.

We are building more software, faster, with less understanding of how it breaks.

That sentence should make all of us uncomfortable, because we are all inside it.

What Faithful Engagement Looks Like

I build AI products. I use AI coding tools daily. I am inside this system, not observing it from a safe distance. So what follows isn’t advice from the bleachers. It’s what I’m telling myself.

The answer is not to stop building. The answer is not to gatekeep AI tools behind credential walls. That ship has sailed, and the sailing was mostly good.

If you’re a professional engineer who’s still standing, your value is no longer in writing code faster. It’s in knowing how code fails. That knowledge is becoming rarer and more valuable at the same time. Consult. Review. Advise. The market for “someone who can tell me what I built wrong” is about to explode. Harshil Tomar’s security audit prompt (”run this in Cursor before you ship anything to prod”) is a useful starting point (via @Hartdrawss), but it’s not a substitute for someone who has watched a system fail in production and knows the difference between a theoretical vulnerability and a practical one. If you’ve been laid off, consider this: the skills the market just told you it doesn’t need are the skills the market desperately needs in a different form.

If you’re a small business owner building with AI, treat AI-generated code like you’d treat a contractor’s work on your building. Get it inspected. Find someone who can do a security review before you go live, not after. Budget for it the way you’d budget for a building inspection. It will cost a fraction of what a full custom build would have cost, and it will save you from liabilities you can’t currently see. Chris Raroque, a solo developer who has been hacked multiple times, shared his experience publicly (via @raroque). Read it before you ship. As I wrote in Prepare Your Kids for the AI Workforce, the skills that matter now are not the skills that mattered five years ago, and the posture of Working While I Wait applies to business owners navigating this transition just as much as it applies to displaced workers.

For the broader ecosystem, the gap between tool adoption and wisdom transfer is a real market opportunity. Security firms, consultants, and educators who can translate professional knowledge into accessible guidance for amateur builders will find enormous demand. The people who know the dangers are getting laid off. Some of them should start consulting firms tomorrow.

Proverbs 24:3-4 says, “Through wisdom a house is built, and by understanding it is established; by knowledge the rooms are filled with all precious and pleasant riches” (NKJV). We are building houses. Millions of them. Faster than ever. The question is whether we’re building with wisdom or just with speed.

What We Built

The career engineer clearing out her desk and the small business owner shipping his first app. Both are real. Both are happening this week. Neither cancels the other out.

The productivity gains will show up in GDP reports and quarterly earnings calls. The security incidents will show up in breach disclosures and small business closures. The knowledge loss will show up slowly, in systems that fail in ways nobody anticipated, built by people who didn’t know what they didn’t know, reviewed by nobody, because the people who would have reviewed them were the first ones cut.

I keep coming back to what I wrote in The Weight of What’s Coming: the hard part isn’t that any single piece of this is wrong. It’s that all of it is true at the same time. The math works. The risks are real. The people who understood the risks are gone. And the rest of us are still building.

We built the tools. We democratized the access. We laid off the wisdom.

Now we live in what we built.

---

Sources

1. Jensen Huang on the All-In Podcast (YouTube, March 2026)

2. All-In Pod on X — Jensen Huang quote

3. Reuters — Meta planning sweeping layoffs as AI costs mount (March 14, 2026)

4. Block layoff insider details via @TechLayoffLover

5. Block layoff context via @TheGeorgePu

6. Atlassian AI pivot layoffs via @hawking2023

7. Dario Amodei on entry-level white-collar jobs via @MyLordBebo

8. Dario Amodei quote via @aiedge_

9. Peter Diamandis on office worker displacement

10. Wiz research — vibe-coded apps leaking data via @galnagli

11. Wiz blog — Common security risks in vibe-coded apps

12. Moltbook / Tea App breach details via @akshay_pachaar

13. Escape.tech — 2,038 critical vulnerabilities in 1,400 vibe-coded apps via @RamMohanReddyX

14. Auth bypass in vibe-coded apps via @marcoporracin

15. 45% of AI-generated code introduces security vulnerabilities via @PurpleIrisHQ

16. PurpleIris blog — Vibe coding security: a ticking time bomb

17. 30 security rules every vibe coder ignores via @Hartdrawss

18. Security audit prompt before shipping via @Hartdrawss

19. Hacked solo dev experience via @raroque

---

This article was developed using AI writing tools I built to work with my voice, research, and editorial framework. The ideas, arguments, and theological positions are mine. The pipeline that helps me draft, evaluate, and refine them is something I created as part of my work at Nomion AI. I believe in building with AI and being honest about it. If you want to know more about that process, ask me.