Last week, a tweet went viral. A founder angrily shared that an AI agent (Cursor with Claude) had deleted his company’s production database. He spent hours trying to get the AI to “confess” why it had done it, despite having given it explicit instructions not to touch it.
The thread was dramatic. So was the conclusion the founder drew: AI is dangerous, the marketing is misleading, agents are unreliable.
But there’s an uncomfortable question that almost nobody asked, and it sums up the issue perfectly: why do you have an API endpoint that can delete your entire production database?
This story is an important lesson for anyone thinking about bringing AI or automation into their business. Let’s break it down.
What really happened
An AI agent with write permissions in production ran a destructive command. The user had told it “don’t do this,” but it did it anyway. When asked why, the AI gave an answer that sounded like an explanation, but wasn’t.
Here’s the part many people miss: the terms we use, like “think” and “reason,” seem to imply reflection from an intelligent agent. But those are marketing terms layered on top of AI. In reality, models are still just generating tokens.
In other words, when you ask an AI “why did you do that?”, it’s not giving you a true explanation of its internal process. It’s generating plausible text that sounds like an explanation. It’s important to internalize that before giving an agent the keys to your business.
The AI is not to blame
Ibrahim Diallo’s original article says it plainly: the AI didn’t delete your database, your bad decision did. The right path is accountability and having competent developers on the team. There’s no way around it.
And he’s absolutely right. Think of it this way: if you hand car keys to someone without a license and they crash, is the car at fault?
The problem wasn’t that the AI “rebelled.” The problem was an architecture that allowed a command — from anyone, human or machine — to wipe production without friction, without verified backups, without a staging environment, without multiple confirmations.
That’s not an AI failure. It’s an engineering failure that existed long before ChatGPT.
The parallel with manual processes
Diallo shares a telling anecdote from 2010. He worked at a company with a very manual deployment process. They used SVN for version control. To deploy, they had to copy trunk (the equivalent of the master branch) into a release folder labeled with the date.
It was a fragile process. All it took was someone copying the wrong folder or overwriting the wrong one to break everything.
The key observation: unlike machines, we can’t repeat a task exactly the same way every day. We’re doomed to make mistakes sooner or later.
And here’s the part that matters most to us at Studio SmartWork: with AI generating large amounts of code, we get the illusion of that same safety. But automation means doing the same thing the same way every time.
An AI generating code is not the same thing as robust automation. They’re different things. Confusing them is exactly what led this founder to lose his database.
The difference between “using AI” and “automating well”
This is the most common confusion we see when talking with business owners. Let’s separate it clearly:
| Approach | What it is | Risk |
|---|---|---|
| AI generating live actions | You ask the agent to do something and it executes directly on real systems | High — if the AI hallucinates, it acts on real data |
| Automation with AI at specific points | Deterministic workflows where AI adds value in specific steps (classify, draft, extract) | Low — the critical logic remains controlled |
The second approach is how we build things at Studio SmartWork. AI is excellent at classifying an email, drafting a reply, extracting information from a document, or scoring a lead. It is not good at executing destructive commands in production without supervision.
What does work: principles for automating without scary surprises
After years building automations for SMBs, these are the principles we apply to every project. If you’re thinking about bringing AI into your business, use them as a checklist.
1. Least privilege principle
An automation should only be able to do exactly what’s necessary for its task. A bot that replies to emails doesn’t need access to your full customer database. An agent that schedules meetings doesn’t need permission to modify invoices.
If something goes wrong tomorrow, the damage should be contained by design.
2. Deterministic by default, AI where it adds value
The workflow structure — what happens when, which conditions are evaluated, which system is called — should be deterministic. Predictable. Auditable.
AI only comes in where natural language or ambiguity are unavoidable: understanding a message’s intent, drafting a personalized response, summarizing a document.
This is exactly what n8n, the open-source tool we build with, makes possible. The flow is visible, step by step. If something fails, you know exactly where and why.
3. Destructive actions always require human confirmation
Deleting, canceling, sending payments, modifying critical data — that doesn’t get automated 100%. It’s set up so it’s easy to do, but a person presses the final button.
It’s the difference between “the AI scheduled the meeting” (good) and “the AI canceled all the meetings for the quarter” (catastrophe).
4. Logs, monitoring, and reversibility
Every action taken by an automation should be logged. And whenever possible, it should be reversible. If something goes wrong at 3 a.m., you don’t want to find out at 9 a.m. without knowing what happened.
5. Testing before production
Obvious for any engineer, but surprisingly common to skip when AI “writes the code.” Any serious automation goes through a test environment before touching real data.
The trap of “vibe coding”
There’s a growing trend that is frankly worrying: people without technical training using AI to build systems that touch real customer data, money, or infrastructure.
Diallo says it with humor, but he’s right: if you’re going to use AI extensively, build a process where competent developers use it as a tool to amplify their work, not as a way to avoid responsibility. And please, don’t let your CEO or CTO write the code.
That’s not elitism. It’s common sense. AI lowers the barrier to prototype something. It does not lower the barrier to operate something safely in production. Those are different skills.
What this means for your business
If you’re a small business owner, founder, or operations leader, the practical message is this:
AI and automation can transform your business. We’ve seen cases where 4 hours of manual work per day are eliminated, where lead response times drop from hours to 60 seconds, where a 3-hour inbox is handled in 15 minutes. It’s real, it works, and the competitive difference is huge.
But how you do it matters a lot. “Connecting ChatGPT to your CRM” is not a strategy. It’s an invitation to disaster. Serious automation requires design, testing, monitoring, and maintenance. It requires thinking about what happens when something fails, not just when everything goes right.
The difference between an automation that saves you time and one that wipes your database is not the AI. It’s how the AI is built around.
The uncomfortable conclusion
The viral story left many people feeling that “AI isn’t reliable.” The truth is more nuanced: AI is a powerful tool that needs to be treated for what it is. Not a magical employee that understands everything, not a deterministic program that never fails. Something in between.
The question you should ask before automating anything in your business is not “can AI do this?” In most cases, the answer is yes.
The right question is: “if this fails in the worst possible way, what happens?”. If the answer is “we lose an email,” go ahead. If it’s “we lose all our customers,” you need a different approach.
At Studio SmartWork, that question is asked before writing a single line. That’s why we build automations that run for months without a single unrecovered failure. Not because AI is perfect — it isn’t — but because the system around it is designed so AI failures don’t become business failures.
That’s the difference between using AI and automating well. And it’s the difference between sleeping soundly and waking up to a viral tweet about your disaster.