“Our entire production database is gone, and so are all the backups.” - after an agent wiped 2.5 years of records and snapshots during a routine AWS migration. (Tom’s Hardware)

“It took 9 seconds.” - after an agent deleted his entire production DB and all backups in a single API call. (The Register)

(Photo by Sebastian Herrmann on Unsplash)

I’ve lost a lot of work before, not to this level. But, this has been a problem with automation before and is less about the tools and more about governance. Some things to think about if you haven’t:

Scope agent permissions. If an agent can read, write, execute, and commit without constraints, surprises are inevitable. CLAUDE.md and AGENTS.md exist for a reason.

A small one that almost got me recently: Don’t edit your working directory while agents are live. Especially during git operations. An agent mid-commit doesn’t know you just changed a file. This seems obvious, but it could be even worse with untracked files.

Teach your agents to stash. add git stash instructions to your skills, even ADRs, so that it saves untracked work before pulls, checkouts, or branch switches. It seems like Agents are all too happy to --force. This one catches people off guard more than almost anything else. Or just do the git stuff yourself. This saves tokens anyway.