Rahul on why AI coding is becoming risk management

In a new thread, Rahul argues “fable+” models act more like English-to-code interpreters than copilots. The real bottleneck shifts to review, trust, and permissions around sensitive systems. His take hints at how software delivery could change fast.

Rahul on why AI coding is becoming risk management

TL;DR

  • “fable+” models: Framed as English → code interpreters, producing “correct” code for complex, large diffs
  • Review discipline: Small diffs for auth/identity/data access/network/money movement; larger diffs for empirically checkable plumbing/perf
  • Shipping bottleneck: Speed shifts from PR generation to review, merge, and trust cycles
  • Validation stack: Emphasis on linters, testing, CI, shadow mode verification, and other empirical checks
  • Agency as constraint: Prioritization, required stack understanding, and risk assessment before changes land; opt-in permissions for DB/network/PII
  • Complexity economics: More code for marginal performance may become rational; refactors less painful; deep review reserved for high-risk areas

In a post on X, Rahul argues that newer "fable+" code models are better understood as "English -> code interpreters" — systems that turn intent into "correct" code, even when the task is complex and the resulting diff is large. He goes further, suggesting that "Fable 5 will be the worst of this new class of models," implying that the technology is still early, even as it gets more capable.

A large part of the thread focuses on review discipline. Rahul suggests keeping diffs small in high-risk areas like auth, identity, data access, network access and money movement, while allowing larger changes in code that can be checked empirically, such as frontend plumbing, backend plumbing and performance work. In that model, shipping time is less about how quickly a pull request is produced and more about how quickly it can be reviewed, merged and trusted.

He also points to the infrastructure that makes this possible: linters, testing, CI, shadow mode verification and other forms of empirical validation. Rahul’s argument is that the real bottleneck is “agency” — deciding which problems need attention first, how much of the stack needs to be understood, and what sort of risk a change introduces before it lands. He also calls for opt-in permissions around database writes, database reads, network egress and PII access.

One of the thread’s sharper claims is that the cost of complexity itself may be changing. Rahul suggests that it could soon make sense to maintain more code in exchange for small performance gains, and that larger refactors may become less painful as models improve. Even so, he says line-by-line logical review should be saved for the places where it matters most, while correctness bugs remain easier to fix than access bugs.

The post has already picked up 1,662 likes and 63 replies, with commenters broadly circling the same theme: software engineering may be moving toward risk management as much as code generation. Some replies welcome that shift, while others question how long humans stay in the review loop. The full thread is worth a read for anyone tracking how AI coding tools are changing the shape of software delivery.

Source: X

Continue the conversation on Slack

Did this article spark your interest? Join our community of experts and enthusiasts to dive deeper, ask questions, and share your ideas.

Join our community