Kavya

7 Harsh Truths About MVPs I Learned Building 30+ in a Year

What got you to $1M will not get you to $10M. Not your systems. Not your offers. Not your team. The strategies that worked at one level become the ceiling at the next.

Your whole life changes after you make your first $1 on the internet.

20 Stripe mistakes that quietly turn SaaS billing into a support nightmare bookmark this before your first 100 paying users. 1/ Payment succeeds, but webhook fails > user gets charged... your database still says “free plan” 2/ Webhook signature never verified in Stripe > anyone can hit your endpoint and fake successful payment events. 3/ No idempotency key on payment creation > user refreshes once... card gets charged twice. 4/ Trial ends, subscription activates early > wrong `trial_end` logic = angry users and refund requests. 5/ Failed renewal instantly removes access > one temporary card issue turns into permanent churn. 6/ No dunning emails configured > expired cards quietly kill MRR every month. 7/ Refund issued, entitlements never revoked > customer gets money back... premium access stays active. 8/ Upgrade/downgrade proration not shown clearly > Stripe calculates correctly. your UI makes it look like overcharging. 9/ Frontend shows USD, backend charges INR > user thinks your product is broken or dishonest. 10/ No handling for `invoice.payment_failed` events > subscription dies silently, nobody gets notified. 11/ Selling internationally with no tax setup > first EU customer = VAT compliance problem. 12/ Chargeback filed, no evidence submitted > automatic loss + dispute fee + lost revenue. 13/ Trial-to-paid conversion never tracked > you’re growing... but have no idea what converts. 14/ Coupon applied at checkout, missing on invoice > instant support tickets and refund requests. 15/ Usage-based billing calculated outside Stripe > one bug = underbilling or angry enterprise customers. 16/ Checkout session expires mid-payment > user filled everything... now they start over. most never do. 17/ Test keys and live keys mixed in deployment > fake customers in production. real panic. 18/ Free plan has no limits > one power user eats your server costs for free. 19/ Annual cancellation flow has no refund logic > customer cancels after 4 months... your support team improvises policy. 20/ No payment method update flow > card expires, billing fails, customer wants to pay... but can’t. most billing systems do not break at checkout. they break 30 days later... when renewals, retries, refunds, taxes, and real users show up.

20 things that make your vibe-coded app a PRODUCTION NIGHTMARE bookmark this before your next launch. 1/ Service role key exposed in the frontend > one browser inspect later... your entire database is public. 2/ Row Level Security turned off in Supabase > one bad query and users start seeing each other’s data. 3/ Stripe checkout built... but no webhook listener > payment succeeds. your app never upgrades the user. 4/ Auth checked in React components instead of server routes > hiding a button is not security. API still stays wide open. 5/ AI-generated API routes with no Zod validation > one malformed payload and your backend starts writing garbage. 6/ `SELECT *` queries shipped to production > works on 20 rows. times out on 20,000. 7/ No indexes on `email`, `user_id`, or `created_at` > every dashboard load becomes a full table scan. 8/ File uploads stored on local server disk > one week later... storage full, uploads dead, deploys failing. 9/ `console.log(user)` left in production > emails, tokens, and user data now live in your logs forever. 10/ `any` everywhere in TypeScript > app compiles. runtime becomes your real test suite. 11/ No error boundary in React > one broken component = white screen for the entire app. 12/ AI installed packages you never reviewed > bloated bundle, deprecated dependencies, hidden security issues. 13/ No `onDelete: cascade` on related tables > user deletes account... orphaned records everywhere. 14/ Payment retries not handled in Stripe > card fails once. subscription dies forever. 15/ Session tokens never rotated > stolen session = unlimited access until you notice. 16/ No test account with zero permissions > founder account works. real users get permission errors on day one. 17/ `.env` accidentally committed once > keys are exposed. now rotation becomes your weekend. 18/ No database backups before migrations > one AI-generated schema change... months of user data gone. 19/ No timeout on third-party API calls > one slow integration and your whole request hangs. 20/ “Works locally” is your deployment checklist > production immediately proves otherwise.

PRO TIP FOR FOUNDERS ADDING AI TO THEIR PRODUCT: here’s what actually works across AI features we’ve shipped: 1/ Trigger AI from user intent, not from menus > if users have to “go find the AI button,” adoption dies fast. > the best AI features appear exactly when the user is already stuck, typing, searching, editing, comparing, or deciding. > AI should show up inside the workflow... not next to it. 2/ Never send raw prompts without product context > “summarize this” is not enough. > include who the user is, what screen they’re on, what action they just took, what data matters. > the same model gives completely different output when context is structured properly. 3/ Log every prompt + output + user action > did they accept it? edit it? ignore it? regenerate it? > if you are not tracking what happens after the AI responds, you are blind. > usage tells you more than feedback ever will. 4/ Design for correction, not perfection > your first output will not always be right. that’s normal. > what matters is how quickly the user can fix it. > add “edit,” “retry,” “shorter,” “more formal,” “try again.” one click, no friction. 5/ Protect costs before usage explodes > one user hitting regenerate 40 times can destroy your margins. > add token limits, rate limits, caching, and usage tracking before launch. not after your first invoice. AI features do not win because they feel smart. they win because they save time inside a workflow users already repeat. that’s where retention comes from.

6 vibe coding mistakes that quietly destroy production apps. Bookmark this before your next deploy. 1/ Letting AI build auth without testing a second account > your founder account works perfectly because it owns everything > first real user logs in... `/dashboard` returns 403, invites fail, permissions break, admin routes leak Fix: create a test account with zero permissions and try to break everything. 2/ Prompting “fix TypeScript errors” across the whole repo > Anthropic Claude starts adding `any`, `@ts-ignore`, `as unknown as`, and forced casts everywhere > the red lines disappear... the real bugs do not Fix: fix type errors file by file. never repo-wide. 3/ Shipping database migrations without reading the SQL > AI adds `drop column`, rewrites foreign keys, changes defaults you never touched > one migration later... production users cannot log in or existing data disappears Fix: read every generated migration before it touches production. 4/ Building payments in one prompt > Stripe checkout works. payment succeeds. everything looks fine > then renewal hits 30 days later... users lose access because no webhook, no billing sync, no retry logic exists Fix: checkout + webhooks + billing state. all three or none. 5/ Letting AI install packages without checking dependencies > you asked for one editor > now your repo has 14 new packages, 3 date libraries, and a deprecated auth dependency Fix: review every install. if you do not know why it exists, remove it. 6/ Testing only with your own account > cached sessions, admin permissions, seeded data... everything feels perfect > first customer signs up to an empty dashboard, broken onboarding, and missing permissions Fix: test on incognito + fresh email + zero seeded data before every launch.

THIS GUY VIBE CODED AN ALARM APP OVER THE WEEKEND… AND TURNED WAKING UP INTO A BOSS FIGHT 🤯 he kept oversleeping 6 alarms every morning still hitting snooze without thinking so he rebuilt the whole idea now the alarm doesn’t stop until you *do something* → pushups → make your bed → step outside and take a photo no more “tap to dismiss” you don’t snooze it built in a weekend just to fix his own problem

THIS GUY VIBE CODED A FITNESS APP WITH CLAUDE… AND TURNED WALKING INTO A BET 🤯 his idea was simple: people already love betting so he built a step app around it you put money on hitting 10,000 steps today miss it? you lose your money hit it? you split the pool from everyone who didn’t so instead of fake badges and streaks… your motivation is real money and the fear of losing it honestly… that’s a very different kind of fitness app.

THIS GUY BUILT A TOOL THAT LETS YOU WATCH CLAUDE CODE EDIT YOUR CODE… LIVE 🤯 normally with Claude Code… you just stare at a terminal and hope it’s not breaking everything this changes that you can now watch every file change in real time → live diffs as Claude edits → see what files are touched → watch lines added + removed instantly 100% open source on GitHub

THIS GUY LOST $187… BECAUSE CLAUDE CODE FOUND AN API KEY HE FORGOT ABOUT 🤯 he was running Claude Code on a paid plan but his project also had an ANTHROPIC_API_KEY sitting inside a .env file for a totally different service Claude picked up the key… and started billing the API instead of his subscription no popup no warning no billing alert 9 charges later… he noticed the scary part? his account still looked like it was using his subscription the whole time if you have Claude projects with old .env files, CI jobs, cron tasks, side services… it’s probably worth checking your setup tonight. one forgotten env variable can get expensive fast.

SOMEONE JUST FOUND A WAY TO CUT CLAUDE CODE TOOL CALLS BY 94% 🤯 one command… and it indexes your entire codebase into a local knowledge graph so instead of constantly scanning files the agent just queries the graph → supports 19+ languages → runs fully local → no API keys 100% open source

Your onboarding flow is quietly killing activation. The first 60 seconds decide more than most realize. What works on almost every product I’ve worked on: 1/ Show one next step not 8 features fighting for attention 2/ Let users feel value before asking them to configure everything 3/ Never show empty dashboards pre-fill, demo data, templates, anything but a blank screen 4/ Ask only for what you need right now every extra field creates friction 5/ Give them one quick win in the first minute small success = momentum 6/ If onboarding has steps, show progress people finish what feels finishable 7/ Save invites, integrations, advanced setup for later day 1 is not the time 8/ Remove anything that feels like work before value 9/ Make skip buttons obvious trapped users rarely become retained users 10/ Track where users actually drop off not where your team assumes they do

Your pricing page is quietly killing conversions. I’ve reviewed 40+ SaaS funnels across products we’ve built. 15 mistakes I keep seeing: 1/ No recommended plan highlighted → users do not want to compare 4 options and make the “perfect” choice. they want a clear starting point. 2/ Feature comparisons are too vague → “advanced analytics” means nothing. show exactly what users unlock. 3/ Monthly pricing is visible, yearly savings are buried → users never see the bigger value. 4/ Enterprise just says “contact sales” → with no context, buyers assume expensive... and leave. 5/ No trial, guarantee, or money-back signal → asking for commitment before trust kills intent. 6/ Too many plans → more options rarely increase conversion. they usually increase hesitation. 7/ Features are written in technical language → buyers pay for outcomes, not implementation details. 8/ Usage limits are unclear → surprise charges scare people more than higher prices. 9/ Upgrade path feels confusing → users should instantly understand what happens as they grow. 10/ Billing toggle is hidden → if annual vs monthly is hard to compare, yearly conversions drop. 11/ No social proof near pricing → at the payment stage, trust matters most. 12/ Free plan has no path to paid value → users sign up... but never understand why they should upgrade. 13/ Taxes or extra fees appear late → checkout surprises destroy intent. 14/ Checkout asks for too much → high-intent users hate unnecessary forms. 15/ No refund or cancellation clarity → uncertainty kills purchases faster than price. Most founders obsess over getting users to sign up. The smarter ones fix what happens when users are finally ready to pay. That’s where revenue usually leaks.

NON-ENGLISH PROMPTS MIGHT BE COOKING YOUR CLAUDE LIMITS 🤯 one user ran the exact same prompt same account same session same task but switched from English to German and Opus 4.7 burned through the entire session almost instantly why? Claude charges in tokens not words and some languages pack way more tokens into the same idea compound words special characters different tokenization patterns which means: same prompt same subscription but way less actual usage one simple workaround: prompt in your language ask for the output in English small change massive difference.

20 billing mistakes that quietly kill SaaS revenue save this before your first real wave of paying users. 1/ Payment succeeds, but internal state update fails > customer gets charged… your app still shows “free plan” 2/ Webhooks handled without idempotency > retry = duplicate upgrade, duplicate email, duplicate chaos 3/ Subscription lifecycle not modeled properly > upgrade/downgrade logic breaks as soon as users switch mid-cycle 4/ Failed renewal instantly removes access > one failed card = instant churn, no recovery window 5/ No retry strategy for failed payments > you gave up after the first failure, Stripe didn’t 6/ Trial ends without a grace period > users lose access mid-flow and never come back 7/ Cancelled subscription doesn’t revoke entitlements > user stops paying… nothing changes on your side 8/ Refund processed but usage continues > money returned, infra still being consumed 9/ Live and test environments mixed > real users triggering fake logic, or worse 10/ Payment success page treated as confirmation source > user closes tab → system never updates 11/ No dunning flow for expired cards > subscriptions silently die without warning 12/ No renewal reminders sent > users forget, then dispute the charge 13/ Tax rules ignored until global users arrive > growth turns into compliance fire drill 14/ Seat changes not reflected in billing > users scale teams, billing stays frozen 15/ Usage tracking not real-time > invoices become guesses, not truth 16/ Coupon logic not fully tested > discounts stack into unintended pricing 17/ No recovery from failed checkout sessions > high intent users vanish after one error 18/ Plan changes don’t sync entitlements > downgrade happens in billing, not in product 19/ Billing portal and product state out of sync > user cancels… system still thinks they’re active 20/ Billing never tested with non-admin accounts > everything works for you, breaks for real users most billing failures don’t show up at scale. they show up the first time real money flows through your system. and by then, trust is already on the line.