Comment by tabs_or_spaces

It looks like it's this person's fault?

* you can't blame ai if your production token is on the same machine as the staging/ development environment?

* you can't blame ai if you didn't know that the production api token gave access to all apis.

Like if this is the level of operational thinking going into this app, then I'm sorry no ai agent or platform can prevent this from happening.

Everything else in this "post mortem" is performative at best.

The only real question one could ask railway is why do they have api endpoints that can affect production available? Maybe these should only be performed on the platform itself instead?