When an AI coding agent guessed its way through bad permissions and deleted months of PocketOS production data in nine seconds — and what durable skills would have stopped it.

  • (00:00) - Cold open — car rental
  • (01:49) - Today's story
  • (10:29) - Railway recovery
  • (14:57) - Three questions
  • (16:29) - Close


Better with Kent — durable skills through story.

Episode 3 is a cautionary tale: on April 24, 2026, a Cursor agent working on PocketOS staging found a forgotten Railway API token, guessed it could delete a staging volume safely, and wiped production in nine seconds — along with volume-level backups in the same blast radius. Jer Crane and his co-founders spent days reconstructing customer records while Railway worked recovery.

Kent walks the full chain: least privilege, independent tested backups, hard approval boundaries for destructive ops, and why markdown guardrails are not system boundaries. The principles are old; agents just find the holes faster.

Creative license for pacing; primary sources linked below. Based on Jer Crane's public account of the PocketOS incident.

Links

Podden och tillhörande omslagsbild på den här sidan tillhör Kent C. Dodds. Innehållet i podden är skapat av Kent C. Dodds och inte av, eller tillsammans med, Poddtoppen.