I use LLM dev tools, and even have Supabase MCP running. I love these tools. They allowed me to create a SaaS product on my own, that I had no chance of creating otherwise as a long out of practice dev.

However, we are nowhere near the reliability of these tools to be able to:

1. Connect an MCP to a production database

2. Use database MCPs without a --read-only flag set, even on non-prod DBs

3. Doing any LLM based dev on prod/main. This obviously also applies to humans.

It's crazy to me that basic workflows like this are not enforced by all these LLM tools as they will save our mutual bacon. Are there any tools that do enforce using these concepts?

It feels like decision makers at these orgs are high on their own marketing, and are not putting necessary guardrails on their own tools.

Edit: Wait, even if we had AGI, wouldn't we still need things like feature branches and preview servers? Maybe the issue is that these are just crappy early tools missing a ton of features, and nothing to do with the reliability and power of LLMs?

Ahh, vibe coding.

These AI-focused Twitter threads feel like they’re just recycling the same talking points for likes and retweets. When AI systems make mistakes, it doesn’t make sense to assign blame the way we would with human errors - they’re tools operating within their programming constraints, not autonomous agents making conscious choices.

> I understand Replit is a tool, with flaws like every tool

> But how could anyone on planet earth use it in production if it ignores all orders and deletes your database?

Someday we'll figure out how to program computers deterministically. But, alas.

Friends don't let friends run random untrusted code from the Internet. All code is presumed hostile until proven otherwise, even generated code. Giving an LLM write access to a production database is malpractice. On a long enough timeline, the likelihood of the LLM blowing up production approaches 1. This is the result you should expect.

You need backups. If your lost data weren't due to AI slop, it could be a typo in a command, or anything else

If you've ever tried getting a llm to solve moderatly difficult but solved tasks you'd know they're currently no good for anything beyond boilerplate code, and even then you have to watch it like a hawk.

The whole thread seems very naive somehow. You can tell that he doesn’t fundamentally understand how a coding model works. The suggestion that it would know not to make any changes just because he said so means he doesn’t really understand what the model is. It’s built to generate (and apparently execute) code, so that is what it does. It doesn’t have an inner monologue running that says “ahh, a day off where I shoot the breeze around a whiteboard” or something. It’s more like an adderall addict with its fingers glued to the keyboard laying down all of its immediate thoughts directly as code with no forethought or strategy.

Please do not link to twitter directly, use xcancel!

The fault lies entirely with the human operator for not understanding the risks of tying a model directly to the prod database, there’s no excuse for this, especially without backups.

To immediately turn around and try to bully the LLM the same way you would bully a human shows what kind of character this person has too. Of course the LLM is going to agree with you and accept blame, they’re literally trained to do that.

> SaaStr.ai

Has to be a joke. Right?

One thing that AI likely won’t obviate the need of is making backups.

Here’s another funny one: https://aicodinghorrors.com/ai-went-straight-for-rm-rf-cmb5b...

This is the funniest thing I’ve seen in months. Maybe years? Incredible stuff

One thing I’ve learned from seriously using AI agents for mundane coding tasks is: never ask them to do anything that involves deleting stuff. Incidents like these only reinforce that belief.