Why Your AI Should Never Have “Delete Repo/DB” Privileges

Using AI to accelerate development is amazing—agents can write code, open pull requests, fix bugs, and keep your project humming. But giving your AI the same permissions you give trusted human maintainers is a silent disaster waiting to happen.

Here’s the simple truth: your AI should always log into your repository with an account that cannot delete the repo. Likewise, your AI should access the database with application-level privileges only (read and write rows, never drop tables or databases).

Why? Because even the smartest AI can misunderstand a prompt, misinterpret an instruction, or follow an unfortunate chain of logic that leads it to do something… irreversible. And in most platforms, “delete repository” is an instant, nuclear-level action. No confirmation. No undo. No recycle bin.

Using a restricted account protects you from:

  • Accidental repo deletion caused by mis-parsed instructions
  • Accidental database table deletion caused by mis-parsed instructions
  • Chain-of-thought mistakes, where the AI executes a destructive CLI command
  • Prompts that sound harmless but aren’t, like “clean up unused branches”
  • Security exposure if the AI’s credentials leak (limited accounts limit blast radius)
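As a worked example of the database half of this advice, here is a PostgreSQL role definition for a dedicated AI bot account. It is an added example, not code from the original post; the database name (`app_db`), schema (`app`), role (`ai_bot`) and table names (`orders`, `customers`) are assumptions. The role gets exactly the row-level privileges an application needs and nothing that would let it remove a table or the database.

```sql
-- Added example (not from the original post): a PostgreSQL login role for an AI
-- agent with application-level privileges only. Names are assumptions.

-- 1. A dedicated login role: no superuser, cannot create databases or roles,
--    and does not inherit privileges from any group it might later be added to.
CREATE ROLE ai_bot LOGIN PASSWORD 'replace-with-a-generated-secret'
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT;

-- 2. It may connect to the application database and use the application
--    schema, but CREATE on the schema is deliberately not granted, so it
--    cannot add objects of its own.
GRANT CONNECT ON DATABASE app_db TO ai_bot;
GRANT USAGE ON SCHEMA app TO ai_bot;

-- 3. Row operations on named tables only. DROP, TRUNCATE and ALTER are
--    reserved to the table owner, and ai_bot owns nothing.
GRANT SELECT, INSERT, UPDATE, DELETE ON app.orders, app.customers TO ai_bot;
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA app TO ai_bot;

-- 4. Close the classic loophole: before PostgreSQL 15 every role could
--    CREATE in schema public by default.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 5. Verification, run by a superuser after the grants above. Each of these
--    statements must fail because ai_bot is not the owner of the object.
SET ROLE ai_bot;
DROP TABLE app.orders;      -- fails: ai_bot is not the table owner
TRUNCATE app.orders;        -- fails: TRUNCATE was never granted
DROP DATABASE app_db;       -- fails: ai_bot is not the database owner
RESET ROLE;
```

Two caveats a practitioner would want. First, the agent's connection string must use `ai_bot`, not the migration or admin user; a least-privilege role that the agent never logs in with protects nothing. Second, this role can still run `DELETE FROM app.orders` with no `WHERE` clause, which is exactly the "sounds harmless" failure mode the list above describes, so scoped privileges stop schema and database loss but do not replace backups and point-in-time recovery.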

AI is powerful. Give it space to create, automate, and improve your workflow—but fence off the cliff edges. A dedicated “AI bot” account with scoped permissions is the easiest, safest guardrail you can put in place.

Protect your project. Keep your AI productive. And keep the “Delete” power far, far away from your automated helpers — lest they someday use it on you.

