TL;DR I use AI coding tools for scaffolding, tests, docs, and boring boilerplate. Architecture and module boundaries stay human‑led. We broke the app into small vertical slices, added guardrails, and shipped faster.
- Large applications slow down as complexity grows.
- Code reviews take longer as dependencies multiply.
- Once the codebase exceeds the model’s context window, AI becomes unreliable.
I worked on a similar application and learned how to keep a mid‑to‑large system clean as it scales.
Break the application into small, focused modules (Auth, Payments, Notifications, Search, etc.).
Give each module a clear contract (OpenAPI, AsyncAPI, typed interfaces).
- Boundaries — What belongs inside each module
- Communication patterns — REST, events, or shared types
- Data ownership & consistency — including CDC when needed
- Cross‑cutting guardrails — auth, security, rate limits, uptime
- Testing strategy
- Security testing
- Repo + delivery strategy
- Where to avoid using AI
Where AI Helps (and Where It Doesn’t)
- Scaffolding: controllers, services, repositories, DTOs, validation pipelines
- Boilerplate: logging, error handling, config, DI, authorization setup
- Tests: unit tests, contract tests, test data, basic security tests
- Documentation: READMEs, API examples, module guides
- Refactoring: renaming, restructuring, cleanup
- Architecture decisions
- Complex business logic (edge cases, conditions, failure modes)
- Security‑critical components
- Anything involving sensitive code
AI is an assistant — not the architect.
- Speed: huge boost for repetitive work
- Consistency: cleaner naming and patterns
- Source control: easier merges and commit hygiene with structured prompts
- Better documentation: faster to create and update
- Less time wasted on syntax issues
- Quality drift: code looks right but isn’t safe
- Contract drift: modules misalign if not enforced
- Shallow tests: AI defaults to happy paths
- Privacy & licensing concerns
- Architecture erosion: quick fixes break long‑term integrity
Without reviews, expertise, contract tests, and security checks, you’ll hit a wall.
- Strong context + knowledge files (clean system prompt, templates, cleanup routines)
- One‑page module ADRs for Users, Auth, Payments, Notifications, Search
- Contracts‑first approach using OpenAPI + AsyncAPI
- Scaffold with AI — one module at a time
- Add guardrails (coding standards, formatting, security scans, contract tests)
- Ship vertical slices — API + UI + tests per module
- Document continuously — READMEs, API examples, ADRs
AI accelerates the productivity. Architecture protects
Use both intentionally to build fast and build clean.
