I use LLM dev tools, and even have Supabase MCP running. I love these tools. They allowed me to create a SaaS product on my own, that I had no chance of creating otherwise as a long out of practice dev.

However, we are nowhere near the reliability of these tools to be able to:

1. Connect an MCP to a production database

2. Use database MCPs without a --read-only flag set, even on non-prod DBs

3. Doing any LLM based dev on prod/main. This obviously also applies to humans. Even if we had AGI, wouldn't we still need feature branches and preview servers?

It's crazy to me that basic workflows like this are not enforced by all these LLM tools as they will save our mutual bacon. Are there any tools that do enforce using these concepts?

It feels like decision makers at these orgs are high on their own marketing, and are not putting necessary guardrails on their own tools.

Ahh, vibe coding.

These AI-focused Twitter threads feel like they’re just recycling the same talking points for likes and retweets. When AI systems make mistakes, it doesn’t make sense to assign blame the way we would with human errors - they’re tools operating within their programming constraints, not autonomous agents making conscious choices.

> I understand Replit is a tool, with flaws like every tool

> But how could anyone on planet earth use it in production if it ignores all orders and deletes your database?

Someday we'll figure out how to program computers deterministically. But, alas.

Friends don't let friends run random untrusted code from the Internet. All code is presumed hostile until proven otherwise, even generated code. Giving an LLM write access to a production database is malpractice. On a long enough timeline, the likelihood of the LLM blowing up production approaches 1. This is the result you should expect.

You need backups. If your lost data weren't due to AI slop, it could be a typo in a command, or anything else

If you've ever tried getting a llm to solve moderatly difficult but solved tasks you'd know they're currently no good for anything beyond boilerplate code, and even then you have to watch it like a hawk.

The whole thread seems very naive somehow. You can tell that he doesn’t fundamentally understand how a coding model works. The suggestion that it would know not to make any changes just because he said so means he doesn’t really understand what the model is. It’s built to generate (and apparently execute) code, so that is what it does. It doesn’t have an inner monologue running that says “ahh, a day off where I shoot the breeze around a whiteboard” or something. It’s more like an adderall addict with its fingers glued to the keyboard laying down all of its immediate thoughts directly as code with no forethought or strategy.

Please do not link to twitter directly, use xcancel!