978: Should A New Coder Use AI?

Summary of 978: Should A New Coder Use AI?

by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

1h 2mFebruary 11, 2026
Listen to Episode

Overview of 978: Should A New Coder Use AI? (Syntax — Wes Bos & Scott Tolinski)

This episode is a potluck Q&A covering multiple listener questions about practical AI usage for developers, running multiple AI agents, pagination strategies, whether new coders should use AI, how to upskill from older stacks (PHP/jQuery), balancing side projects with family, a real attempted XSS payload submitted to their site, and a few tool/show notes. Wes and Scott give experience-driven, pragmatic answers: use AI as a force-multiplier but not a crutch, plan and validate work carefully, and prioritize learning fundamentals.

Topics discussed

  • Using multiple AI agents concurrently (Cursor, Cloud Code, Claude, etc.)
  • Where AI helps most (research, priming, debugging, small fixes) vs where humans must lead (planning, review, architectural decisions)
  • Pagination types and when to use them: offset, cursor-based, infinite scroll
  • Should a new coder use AI while learning?
  • Upskilling from PHP/jQuery to modern stacks for job hunting
  • Balancing family, job, and side projects
  • Real attempted XSS submission and why sanitization matters
  • RAG (retrieval-augmented generation), Transformers.js and local models
  • Why a guest creator (Chad Whitaker) appeared on the channel and how that will change
  • Sick picks: an e-ink desk device and a battery-powered soldering iron

Key takeaways / main points

  • AI is a tool — extremely helpful for research, scaffolding, debugging suggestions, repetitive fixes, and accelerating workflows, but it does not replace human planning and review.
    • The slow parts are upfront planning/priming and final review/testing — code generation itself is often quick.
    • Good results require explicit context, established code patterns, and clear prompts.
  • Running many agents concurrently is possible and useful for low-stakes or personal projects, but for production code you should limit concurrency and carefully review outputs. Over-running agents leads to review fatigue and fragile code.
    • Useful workflow: spawn an agent for a task, while it runs work on planning/next tasks; let tasks overlap rather than fully parallelize uncontrolled generation.
    • Tools like Sentry (SEER + CLI) can automate triage and feed AI with high-quality context (errors, stack traces).
  • Pagination guidance:
    • Offset pagination (page N shows items (N-1)*size+1 …) is simple but breaks when data changes often.
    • Cursor-based pagination is better for frequently-updating feeds — it uses last-seen IDs/tokens rather than fixed offsets.
    • Infinite scroll fits discovery feeds (TikTok/Pinterest) but must update URL/state (pushState) so users can bookmark/restore position; product listings often benefit from pagination.
    • Business needs (ads, analytics, UX) can influence pagination choices.
  • For new coders:
    • Use AI to learn, research, distill documentation into digestible explanations (bulleted lists, diagrams), and accelerate debugging — but don’t let it be a replacement for mental models and problem solving.
    • Learn fundamentals first (how things work, how to think about problems). Use AI to amplify learning, not to bypass it.
  • Upskilling from older stacks:
    • Build small side projects that target hiring trends. Focus on commonly used tools and stacks: React, Tailwind, modern ORMs (Prisma/Drizzle), Zod for validation, and exposing experience with AI integrations.
    • Demonstrable side projects and updated tooling are often more persuasive than job titles/years.
  • Work/life/side-project balance:
    • Integrate learning into work when possible; make side projects purposeful (solve real problems you or your family have).
    • Pick one thing, master/finish it, then move on. Use asynchronous learning (podcasts, videos) and cut nonessential activities to free time.
  • Security: sanitize user inputs and avoid inserting untrusted content as HTML (e.g., React’s dangerouslySetInnerHTML). The episode included a concrete XSS attempt that tried to inject a script to exfiltrate document cookies.

Notable practical tips & recommendations

  • When using AI for coding:
    • Spend time priming/contextualizing — include coding style, patterns, util functions, and any constraints up front.
    • Validate every change: tests, quick manual review, and spot-check for duplicate utilities or style drift.
    • Use AI for repetitive fixes and backlog bugs you’ve been avoiding — agents can find files and make small changes for you.
  • For multiple concurrent agents:
    • Don’t blindly run five or more agents on important codebases. Overlap tasks selectively and keep human review in the loop.
    • Consider using git worktrees or isolated environments if you actually need multiple changes in parallel.
    • Automate trivial fixes from observability tools (Sentry + SEER) where the context is clear.
  • Pagination:
    • Use cursor-based pagination for feeds or frequently-changing lists.
    • Use offset/paginated pages for static lists where users need to link to specific pages (e.g., podcast episode index).
    • For infinite scroll, update the URL with pushState to preserve user position.
  • Security:
    • Never render raw user input as HTML without sanitization. If you must, sanitize and escape thoroughly; avoid dangerouslySetInnerHTML unless validated/sanitized.
  • RAG & local LLMs:
    • For RAG, ensure your retrieval returns sufficient context (sometimes include neighboring utterances), then pass those to the model.
    • Small local models (via Transformers.js / Hugging Face) can work for local chat but may lack reasoning power — use larger models or cloud APIs for better reasoning.
  • Upskilling:
    • Build projects with technologies currently in demand: React, Tailwind, Prisma/Drizzle, Zod, plus AI tool integrations.
    • Aim projects at hiring keywords while still being personally interesting so you stay motivated.

Security example: attempted XSS explained

  • The malicious payload tried to close a textarea, open a script tag, call fetch to a webhook, and encodeURIcomponent(document.cookie).
  • If the site had taken user input and injected it directly into HTML (or used dangerouslySetInnerHTML in React) without sanitization, that script could run and exfiltrate client-side cookies.
  • Modern frameworks escape text by default, but markdown rendering or unsanitized HTML outputs from AI agents can reintroduce risk — sanitize user-supplied HTML/markdown.

RAG / Transformers.js notes

  • RAG (retrieval-augmented generation): vectorize documents (utterances), store them in a vector DB, perform similarity search to retrieve relevant chunks, then pass those chunks into the LLM prompt.
  • If retrieval returns sparse context or the model answers “no context,” expand retrieval to include adjacent chunks or use a better model.
  • Transformers.js and local models are useful for small/embedded tasks, but larger reasoning tasks often need bigger cloud-hosted models.

Resources & tools mentioned

  • Cursor, Cloud Code, Claude (AI coding tools)
  • Sentry CLI + SEER (root-cause analysis + automatable context)
  • React’s dangerouslySetInnerHTML (security warning)
  • Transformers.js (Hugging Face JS library for local models)
  • Modern stack recommendations: React, Tailwind, Prisma/Drizzle, Zod
  • RAG / vector DB patterns (embedding + retrieval)

Actionable checklist (what to do next)

  • If you’re learning:
    • Continue learning fundamentals; use AI to clarify docs, make diagrams, and speed debugging — but code and debug yourself to build intuition.
  • If you’re using AI at work:
    • Create clear prompts and document coding patterns upfront.
    • Use CI/tests and human review gates before merging AI-generated code.
    • Integrate observability tools (Sentry) to feed well-formed issues to AI for trivial fixes.
  • If switching jobs/upskilling:
    • Build a focused side project using modern stack tech and deploy it; show practical knowledge of those tools.
    • Add examples of AI integration or RAG if you want to highlight modern tooling.
  • For product UX:
    • Choose pagination strategy based on content type; implement URL state preservation for infinite scroll.

Selected quotes (paraphrased)

  • “The slow parts are the planning and the review — the generation is often the easy bit.”
  • “Use AI to distill docs into diagrams and bulleted lists so your brain can form the right mental model.”
  • “If you treat AI as a crutch and not as an amplifier for your learning, it’ll make you dumb — at least for beginners.”

This episode is a practical, measured look at using AI in development workflows — encouraging adoption but emphasizing discipline: plan well, prime the AI, review outputs, and keep learning fundamentals.