It’s fine for hobbyists and first drafts.
I would recommend against using “good enough” code in a larger professional setting.
“good enough” code is basically a requirement at Facebook. (As an upper limit, not a lower limit.)
Oof
In a professional (business) setting, I would argue to weigh the overall impact before committing to using additional resources. For example, good enough now, better later can mean the difference between failure and success.
Until the security flaws or just bad customer reception costs you more than the extra effort.
There may not be any security flaws and it may be providing the customer with something they don’t even have now, but want.
But also, doing it until it’s perfect doesn’t mean it’s actually going to be perfect.
I have a meeting about this exact thing tomorrow. If they just agreed to phase 1 being enough back in June, we wouldn’t have needed to lay people off. But we have to over engineer everything!!!