Getting the most out of AI tools requires being able to actually trust them.

But you can’t just blindly trust AI tools to write code for you and ship it without issues. You might win sometimes, but you’ll eventually have a serious problem. It’s not responsible.

If you don’t want to end up doing something like deleting your production database in 9 seconds, this article (and newsletter!) is for you.

Guard production against agents

Your first job is containment.

Agents should not have direct access to production systems. No direct database credentials. No ability to run destructive commands.

If you don’t already follow these patterns, you should start:

• Read-only replicas for exploration

• Feature flags for risky changes

• Strict environment separation

• Scoped API keys with minimal permissions

If an agent can cause irreversible damage in one step, that’s not an AI problem. That’s a systems design problem.

Design your environment so the worst-case agent mistake is annoying, not catastrophic.

Give agents a way to validate their work