Per the commentary and author, the best way to prevent "rogue changes" is to ask the LLM kindly not to make any changes.
I'd suggest a better way: Don't give it permission to make actual changes.
Why would you give an LLM the keys to the kingdom? Would you trust your just on-boarded intern with those kinds of permissions? No? Then why trust a machine known to not follow directions?
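The comment above argues for withholding write permission entirely rather than asking the agent to behave. As an added illustration (not from the thread, and not Replit's or the author's configuration), this is one way to express that in PostgreSQL: a dedicated login role for the agent that can read but never modify production. The database name `app`, the table `customers`, and the role name `agent_ro` are placeholders.

```sql
-- Added example: least-privilege PostgreSQL role for an AI agent.
-- "app", "customers" and "agent_ro" are hypothetical names.

-- 1. A plain login role: no SUPERUSER, no CREATEDB, no CREATEROLE, and NOINHERIT
--    so it cannot pick up privileges from any group it is later added to.
CREATE ROLE agent_ro LOGIN PASSWORD 'replace-me'
    NOSUPERUSER NOCREATEDB NOCREATEROLE NOINHERIT;

-- 2. Start from zero. PUBLIC normally has CONNECT on every database and
--    CREATE/USAGE on the public schema; revoke those so the grants below
--    are the complete story.
REVOKE ALL ON DATABASE app FROM PUBLIC;
REVOKE ALL ON SCHEMA public FROM PUBLIC;

-- 3. Grant exactly read access, including on tables created later.
GRANT CONNECT ON DATABASE app TO agent_ro;
GRANT USAGE ON SCHEMA public TO agent_ro;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO agent_ro;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO agent_ro;

-- 4. Defence in depth: every transaction the agent opens starts read-only.
--    A session can SET this back to off, so it is a guard against accidents,
--    not the boundary; the boundary is the absence of any write GRANT above.
ALTER ROLE agent_ro SET default_transaction_read_only = on;

-- 5. Check, connected as agent_ro:
SELECT count(*) FROM customers;   -- succeeds
DELETE FROM customers;            -- rejected (read-only transaction / no DELETE privilege)
DROP TABLE customers;             -- rejected (agent_ro does not own the table)
```

The agent's runtime should only ever hold `agent_ro` credentials; the owner or migration role's credentials must not be reachable from the agent's environment, otherwise the role split accomplishes nothing. Any change the agent proposes then has to pass through a human-owned path (a reviewed migration, a separate deploy job) that the agent cannot invoke.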
daenney · 2h ago
In the meantime, the author:
* Has claimed to quit Replit only to be back at it the next day.
* Asked the agent 6-7 times to generate apology letters.
* Is apparently spending $8000/month on "AI agents"
Like I'm not sure but it doesn't seem like this person should have any access to production either, much less the AI.
Wild that it doesn’t seem to be sinking in with this guy that not only should the agent not have access to the production DB, but that you can’t trust anything it says, including its apologies, excuses, and explanations of past failure. It doesn’t “understand” what it did. I’m not sure the author does either, since he doesn’t seem to know how to even check himself.
https://news.ycombinator.com/item?id=44622725