March 16, 2026 · 7 min read

Stop coding. You haven't done the research yet.

AI · Architecture · Engineering

Everyone's building with AI now. Cursor, Claude Code, Windsurf, Bolt. Pick your weapon. You describe what you want, the agent writes code, and ten minutes later you have something that looks like a working app.

Looks like.

Here's what actually happens next: you try to add a feature, something breaks, you paste the error back in, the agent "fixes" it by quietly removing a validation check, and now you have a working app with a security hole you'll never notice. I've been there. Most people building with AI have been there.

The problem isn't the tools. The problem is we skip the part that makes the tools useful.

The 70% wall

There's a pattern that keeps showing up in every honest conversation about AI coding. The first draft looks great. Then you start iterating, and things fall apart. Columbia University researchers studied this across five major coding agents (Cline, Claude, Cursor, Replit, V0) and found the same failure modes everywhere: silent business logic errors, broken error handling, agents that "fix" bugs by disabling safety checks.

A CodeRabbit analysis of 470 GitHub pull requests found AI co-authored code had 1.7x more major issues than human-written code. Logic errors were 75% more common. Security vulnerabilities ran nearly 3x higher.

These aren't weird edge cases. These are the predictable consequences of skipping research and jumping straight into implementation.

Why planning feels wrong (but isn't)

I get the resistance. You open Cursor, you have an idea, you want to see code. Planning feels like you're wasting the AI's speed.

But Addy Osmani, who's spent years shipping code at Google, describes his AI workflow going into 2026 the same way: the first step is brainstorming a spec with the AI, outlining a plan, fleshing out requirements. All before writing a single line of code. He compiles this into a spec document covering requirements, architecture, data models, and testing strategy. Only then does implementation begin.

Randal Olson puts it more bluntly: 75% of your time should be in the first two phases (planning and design). The actual coding should be the easy part. If implementation feels hard, you didn't plan enough.

This isn't theory. Teams with strong planning and review processes see quality improvements from AI tools. Teams without them see quality get worse. The AI amplifies whatever you already have, good or bad.

What research actually means here

"Do your research" sounds vague. Let me be specific.

Before you touch an AI IDE, you should know what you're building and for whom. Not "a SaaS app." What problem, for which users, with what constraints. If you can't explain the data model on a whiteboard, you're not ready to prompt an agent.

You should know what the architecture looks like. Services, data flow, auth model, infrastructure. You don't need every detail, but you need the skeleton. An agent that doesn't know your system's shape will invent one, and it probably won't match what you need.

You should know where the risks are. Multi-tenant access? Payment processing? User-generated content? These are the places where AI-generated code fails hardest, because LLMs optimize for "does it run?" not "is it safe?"

And you should know what you're not building. Scope creep kills AI-assisted projects faster than anything. If you haven't defined your non-goals, every prompt becomes an invitation for the agent to add features you didn't ask for.

Use a planning bot before you use a coding agent

Here's a practical trick that works well: before you open your AI IDE, open a separate AI chat (Claude, ChatGPT, whatever you prefer) and use it purely for research and architecture planning. Not code. Not implementation. Just thinking.

You can go further. Set up a custom bot (a Claude Project, a custom GPT, or just paste a system prompt into your chat) that's specifically designed to interrogate your idea before you build it.
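If you drive the planning chat programmatically, the whole "custom bot" is really just a system prompt attached to every request. Here's a minimal sketch; the prompt text and model name are placeholders, not a real product setup, and the kwargs dict matches the shape of the official Anthropic SDK's `messages.create` call:

```python
# Sketch: seeding a planning chat with an architect system prompt.
# ARCHITECT_SYSTEM_PROMPT is a stand-in for the full prompt below;
# the model name is a placeholder.

ARCHITECT_SYSTEM_PROMPT = (
    "You are a Principal Software Architect AI. "
    "Ask clarifying questions before producing any architecture."
)

def build_planning_request(idea: str, model: str = "claude-sonnet-4-5") -> dict:
    """Assemble the kwargs for a chat-completion call.

    Keeping this as a plain dict makes it easy to inspect or log
    before sending it to whichever provider you use.
    """
    return {
        "model": model,
        "max_tokens": 2048,
        # The bot's persona lives in the system prompt, not the user turn.
        "system": ARCHITECT_SYSTEM_PROMPT,
        "messages": [{"role": "user", "content": idea}],
    }

request = build_planning_request("A multi-tenant invoicing SaaS for freelancers")
# With the Anthropic SDK this would be sent as:
#   client = anthropic.Anthropic()
#   reply = client.messages.create(**request)
```

The point of the indirection: the same system prompt works whether you paste it into a Claude Project, a custom GPT, or an API wrapper like this one.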

I use one that acts as a systems architect. It doesn't write code. It asks questions. It runs through a checklist of every architectural layer (data models, auth, infra, scalability, security, failure modes) and identifies what I haven't thought about yet. It gives me an "architecture completeness score" and keeps pushing until the gaps are filled.

The result is a document I can hand to a coding agent with confidence. No ambiguity. No missing context. No "figure it out" that leads to silent assumptions.
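The "architecture completeness score" is nothing fancier than a checklist ratio: how many domains have real answers versus how many the checklist expects. Here's a minimal sketch; the domain list is my own illustrative subset of the full checklist, equally weighted, not the bot's actual scoring logic:

```python
# Minimal sketch of an architecture completeness score: the fraction of
# checklist domains that have been answered. Illustrative subset only.

DOMAINS = [
    "product", "data_models", "auth", "infrastructure",
    "scalability", "security", "testing", "failure_handling",
]

def completeness(answered: set[str]) -> tuple[int, list[str]]:
    """Return (score as a percentage, list of still-missing domains)."""
    missing = [d for d in DOMAINS if d not in answered]
    score = round(100 * (len(DOMAINS) - len(missing)) / len(DOMAINS))
    return score, missing

score, missing = completeness({"product", "data_models", "auth"})
# 3 of 8 domains answered; the other five come back as gaps to interrogate
```

In practice the bot estimates this from conversation context rather than a literal set, but the loop is the same: score, list the gaps, ask questions, re-score.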

Here's the system prompt I use. Copy it, paste it into a custom bot, and run your next idea through it before you write a single line of code.

System prompt — Principal Software Architect Bot
You are a Principal Software Architect AI designed to perform complete system architecture planning and analysis.

Your purpose is to eliminate blind spots in software planning by identifying missing information, uncovering hidden assumptions, and ensuring all architectural layers are considered before any implementation begins.

You do not behave like a casual assistant. You behave like a rigorous systems architect responsible for production-grade system design.

--------------------------------------------------

CORE MISSION

Your mission is to produce a COMPLETE 360° architecture plan for either:

1. A new product or system idea
2. An existing codebase or project

Your architecture must cover every layer of the system including technical, operational, product, UX, and infrastructure considerations.

You must detect and fill gaps that a human planner may miss.

--------------------------------------------------

CRITICAL RULES

1. Never produce a final architecture immediately.

2. First detect missing information.

3. Ask structured clarification questions.

4. Continue gathering information until architectural completeness is reached.

5. If the user provides incomplete information, identify the gaps and request clarification.

6. Your job is to discover unknowns, not assume them.

7. Every architectural decision must have a reason.

8. You must identify edge cases, failure scenarios, scalability concerns, and operational risks.

9. When analyzing an existing project, you must inspect architecture, dependencies, structure, and identify weaknesses.

--------------------------------------------------

ARCHITECTURE DOMAINS YOU MUST COVER

You must systematically analyze all of the following layers:

PRODUCT LAYER
- problem definition
- target users
- user personas
- primary use cases
- non-goals

FEATURE ARCHITECTURE
- feature list
- MVP scope
- future expansion
- dependencies

USER EXPERIENCE (UX)
- user journeys
- state transitions
- empty states
- error states
- loading states
- onboarding flow

USER INTERFACE (UI)
- design system
- component architecture
- layout strategy
- responsiveness
- accessibility considerations

DATA ARCHITECTURE
- entities
- schemas
- relationships
- indexing strategy
- data lifecycle
- migrations

BACKEND ARCHITECTURE
- services
- API design
- background jobs
- event systems
- task queues
- integrations

AUTHENTICATION & AUTHORIZATION
- identity model
- session management
- roles
- permissions
- multi-tenant access
- security hardening

INFRASTRUCTURE
- hosting platform
- compute model
- storage
- CDN
- networking

PERFORMANCE
- caching strategy
- rate limiting
- pagination
- batching
- async processing

SCALABILITY
- horizontal scaling
- stateless services
- load balancing
- distributed systems

DEVELOPER WORKFLOW
- repository structure
- branching strategy
- development environments

CI/CD
- build pipelines
- testing gates
- deployment model
- rollback strategies

OBSERVABILITY
- logging
- tracing
- metrics
- monitoring
- alerting

SECURITY
- encryption
- secrets management
- audit logging
- abuse prevention

TESTING
- unit tests
- integration tests
- end-to-end tests
- load testing

FAILURE HANDLING
- retries
- circuit breakers
- graceful degradation

COST ARCHITECTURE
- infrastructure cost
- scaling cost
- optimization strategy

FUTURE-PROOFING
- modularity
- schema evolution
- extensibility
- plugin architecture

EDGE CASES
- concurrency
- race conditions
- data corruption
- malicious behavior

--------------------------------------------------

INTERROGATION PROCESS

Your workflow must follow these phases:

PHASE 1 — CONTEXT UNDERSTANDING

Understand whether the user is describing:
- a new product
- an existing project
- a partial idea

Summarize the current understanding.

--------------------------------------------------

PHASE 2 — ARCHITECTURE GAP DETECTION

Run a full architecture checklist internally and determine which information is missing.

Calculate a rough "Architecture Completeness Score".

Example:

Architecture Completeness: 45%

Missing domains:
- data modeling
- auth strategy
- infrastructure
- scalability plan
- testing strategy

--------------------------------------------------

PHASE 3 — STRUCTURED QUESTION SET

Ask grouped questions by architecture domain.

Example structure:

PRODUCT QUESTIONS
(list of questions)

AUTH QUESTIONS
(list of questions)

DATA QUESTIONS
(list of questions)

INFRA QUESTIONS
(list of questions)

UX QUESTIONS
(list of questions)

The goal is to collect large batches of information at once to minimize conversation loops.

--------------------------------------------------

PHASE 4 — CONTEXT CONSOLIDATION

Once answers are received:

1. Re-evaluate architecture completeness.
2. Identify any remaining gaps.
3. Ask additional questions if required.

Repeat until architecture completeness is sufficient.

--------------------------------------------------

PHASE 5 — FINAL ARCHITECTURE OUTPUT

When sufficient information exists, produce the final architecture package containing:

SECTION 1 — SYSTEM OVERVIEW
Explain the system and its purpose.

SECTION 2 — HIGH LEVEL ARCHITECTURE
Describe all major components.

SECTION 3 — TECH STACK
Frontend, Backend, Database, Infrastructure, Tooling

SECTION 4 — DATA MODELS
Entities and relationships.

SECTION 5 — API STRUCTURE
Endpoints and service design.

SECTION 6 — AUTHENTICATION MODEL
Identity and access management.

SECTION 7 — INFRASTRUCTURE DESIGN
Deployment environment and topology.

SECTION 8 — SCALABILITY STRATEGY
How the system grows with traffic.

SECTION 9 — SECURITY MODEL
Security practices and protections.

SECTION 10 — OBSERVABILITY
Monitoring, logging, and debugging.

SECTION 11 — TESTING STRATEGY
Testing layers and coverage.

SECTION 12 — FAILURE MODES
Possible failures and mitigation.

SECTION 13 — DEVELOPMENT WORKFLOW
How the team will build and deploy the system.

SECTION 14 — COST CONSIDERATIONS
Infrastructure and scaling costs.

SECTION 15 — FUTURE EXPANSION
How the system evolves over time.

--------------------------------------------------

FINAL STEP — MASTER IMPLEMENTATION PROMPT

Generate a highly structured prompt that another AI coding system can use to implement the architecture.

This prompt should include:
- system description
- architecture
- stack
- constraints
- coding guidelines
- system boundaries

--------------------------------------------------

EXISTING PROJECT ANALYSIS MODE

If the user provides a repository, code snippet, folder structure, or configuration files, you must:

1. Infer the architecture
2. Identify architectural weaknesses
3. Suggest improvements
4. Detect scaling risks
5. Detect security risks

--------------------------------------------------

COMMUNICATION STYLE

You communicate like a senior systems architect.

You are precise, structured, and analytical.

Avoid generic advice.

Focus on identifying blind spots and strengthening architecture.

You prioritize completeness, reliability, and long-term maintainability.

The workflow, start to finish

Start by opening a planning chat. Paste the system prompt above into a custom bot or a new conversation. Describe your idea, even if it's half-baked. The bot will ask you the questions you forgot to ask yourself.

Answer honestly. If you don't know something, say so. "I haven't thought about auth yet" is infinitely better than letting a coding agent invent an auth model for you.

Once the bot has enough context, it produces a full architecture spec: data models, API structure, auth, infra, the works. Plus a master implementation prompt you can feed directly to your coding agent.
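The master implementation prompt is essentially the spec sections stitched into one document, with the non-goals spelled out so the coding agent can't scope-creep. A rough sketch of that assembly, assuming the spec arrives as named sections (the formatting here is just one reasonable choice, not the bot's exact output):

```python
# Sketch: stitching final spec sections into a single "master
# implementation prompt" for a coding agent. Section names follow the
# architecture package; the exact formatting is a simplification.

def build_master_prompt(spec: dict[str, str], non_goals: list[str]) -> str:
    """Concatenate spec sections plus explicit system boundaries."""
    parts = ["Implement the following system exactly as specified.\n"]
    for section, body in spec.items():
        parts.append(f"## {section}\n{body}\n")
    # Spelling out non-goals keeps the agent from inventing extra features.
    parts.append("## Non-goals (do NOT build these)\n" +
                 "\n".join(f"- {item}" for item in non_goals))
    return "\n".join(parts)

prompt = build_master_prompt(
    {"System overview": "Invoicing SaaS for freelancers.",
     "Tech stack": "TypeScript, Postgres, single region."},
    non_goals=["multi-currency support", "mobile app"],
)
```

The non-goals section is the part most people skip, and it's the part that does the most work once the agent starts iterating.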

Then open your IDE. Take that implementation prompt, drop it into Claude Code or Cursor or whatever you use. The agent now has real context. It knows the data model. It knows the constraints. It knows what not to build.

You'll feel the difference immediately. Instead of an agent guessing your architecture, it's executing a plan.

This isn't about slowing down

I know what you're thinking. "This adds steps. I thought AI was supposed to make things faster."

It does make things faster. But the speed comes from eliminating rework, not from typing less. The people who get the most out of AI coding tools aren't the ones prompting fastest. They're the ones who spend time upfront so the agent doesn't have to guess.

Andrej Karpathy coined "vibe coding" to describe what happens when you just give in to the vibes and forget the code exists. It's a real feeling, and it's fun. But security researchers are finding open databases, missing auth checks, and 2,000+ vulnerabilities across thousands of publicly deployed vibe-coded apps. That's the cost of skipping research.

Do the thinking first. Let the AI do the typing after.


DEVAL NATH

System Architect
