Bonus
Essential tips for security, AI communication, and deployment best practices
🔐 .env files – Your app's secret stash
Whenever your app needs a private key (like from OpenAI, MongoDB, Replicate, etc), you don't put it inside your code. You put it in a file called .env
or .env.local
.
What are environment variables?
Think of it like a vault — this file holds your private keys so no one else can see them.
Example .env file:
MONGODB_URI=your_mongo_link OPENAI_API_KEY=your_openai_key
Then inside your code, instead of pasting the real key, AI will use:
This keeps your keys hidden and safe — especially when you publish the app online.
⚠️ Never:
- Share your .env file
- Paste your keys in public
- Commit .env files to GitHub
✅ Always:
- Use environment variables for secrets
- Add them to Vercel when you go live
- Keep .env files in .gitignore
💬 Giving Better Instructions to AI
You already know AI is powerful — but it needs clear direction. Here's how to get better results:
Best Practices
✅ Do This:
- Break your ideas down into bullet points
- Tag specific files or paths (e.g. `/app/page.tsx`, not "the homepage")
- Ask for comments inside the code and logs (to track what's happening)
- Be honest when something didn't work — say so
- Ask why something is done — not just what was changed
When AI Gets Stuck
If it's repeating mistakes, say:
Use these phrases:
- "Avoid previous assumptions. Study the related files and fix the actual issue."
- "Learn from previous attempts that didn't work and try a different approach."
- "Don't make assumptions about where the problem is. Carefully analyze the error."
Communication Tips
💡 Remember:
Don't assume the AI remembers everything. Be clear, be specific, and ask why something is done — not just what was changed.
🧯 What To Do When Something Breaks
Step-by-Step Debugging
- Copy the error from your browser or terminal
- Paste it into your AI — say: "What's causing this error? Here's the message."
- If it's not obvious where the issue is, tell AI: "Here's what I was doing before this broke."
- Ask it to: "Add console logs so we can see what's happening step-by-step."
- Still stuck? "Revert to last working version and try a different approach."
💡 Bonus tip:
Keep a "Last Working Version"
checkpoint in GitHub so you can always go back if needed.
🔄 Quick Rollback Prompt:
Use CLI to rollback to my last remote version. Revert my local files to match remote.
🚫 What Not To Touch
Sometimes curiosity leads to chaos. Here's what you should leave alone unless AI tells you otherwise:
🚫 Don't:
- Rename folders like
app
,components
, orlib
- Delete random files just to "clean things up"
- Change filenames from
page.tsx
orroute.ts
— that can break your app - Hard-code secret keys — always use
.env
- Move things around without asking where they should go
🤔 When in doubt:
Ask AI: "Is it safe to delete or rename this file?"
🎯 Key Takeaways
Security First
Always use .env files for secrets and never expose API keys in your code.
Communicate Clearly
Be specific with AI, provide context, and don't be afraid to ask for explanations.
Version Control
Regular commits to GitHub are your safety net - use them liberally.
Stay Calm
Errors are normal in development. Follow the debugging steps and you'll get through them.