I had someone vibecode an app then ask to put it in production. Had to rejigger the logging, security, testing, deployment. But these things are all something you can do with a prompt once you know. Is this project following best practices for security and data privacy? How would I release this? Let’s implement a test suite. Where do the logs go and how can I access them when debugging?

There's truth to this. I find that most of my non-llm work is happening in the "seams" between apps and services - data ownership, security, infra, etc. Things that are happening outside the IDE.