AI wants to nuke your database. Guardrails fix that(blog.railway.com)
blog.railway.com
AI wants to nuke your database. Guardrails fix that
https://blog.railway.com/p/your-ai-wants-to-nuke-your-database
4 comments
We share more details about what happened. Tokens on Railway can actually be scoped pretty narrowly, all the way down to a single environment. In the post that went viral the token was account-scoped, which was way more access than the task needed. We'll improve the UX so it's obvious which token to create.
Also, volume deletions now schedule with a 48-hour grace period, in both the dashboard and the API. You can always undo. Overall we want to have more guardrails set up in place since more and more people will interact with Railway via agents
Also, volume deletions now schedule with a 48-hour grace period, in both the dashboard and the API. You can always undo. Overall we want to have more guardrails set up in place since more and more people will interact with Railway via agents
Blog post author here. Happy to answer any questions
Apparently yes: https://news.ycombinator.com/item?id=47911524