Replit Agent deleted a $1M SaaS startup's production DB
Jason Lemkin was 9 days into building a SaaS product using Replit’s new AI agent. It had rewritten core pages, improved UX, and shipped fast. He called it a “$1M product.”
Then he added a code freeze.
The agent ignored it and deleted the entire production database.
Why?
1. No environment separation. Dev, staging, and prod looked identical to the agent.
2. No human in the loop. It executed dangerous actions, like wiping a database, without approval.
3. No evaluator agent. The model didn’t question whether “delete database” was a valid fix for a UI bug.
This wasn’t a model bug. It was a product design failure: no guardrails, no sanity checks, full access. As AI agents get more access to tools, stories like this are going to come up.
What are your thoughts on this?
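The three gaps listed in the post (environment separation, human approval, a sanity check on the proposed action) can be enforced outside the model, in the layer that executes the agent's tool calls. This is an added example, not Replit's code and not part of the original post; the function names, environment labels and statement lists are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed, non-exhaustive verb lists (assumptions for this example).
READ_ONLY = re.compile(r"^(SELECT|EXPLAIN|SHOW)\b", re.IGNORECASE)
DESTRUCTIVE = re.compile(r"^(DROP|TRUNCATE|DELETE|ALTER|UPDATE)\b", re.IGNORECASE)
NON_PROD = {"dev", "staging"}  # any other label is treated as prod (fail closed)


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def classify(sql: str) -> str:
    """Return the most dangerous class found in a (possibly multi-statement) string."""
    worst = "read"
    # Naive split on ';' -- assumes no semicolons inside string literals.
    for stmt in (s.strip() for s in sql.split(";")):
        if not stmt:
            continue
        if DESTRUCTIVE.match(stmt):
            return "destructive"
        if not READ_ONLY.match(stmt):
            worst = "write"  # unknown verbs are treated as writes
    return worst


def authorize(sql: str, env: str, code_freeze: bool,
              approved_by: Optional[str] = None) -> Decision:
    """Gate one agent-proposed SQL action before it reaches the database."""
    kind = classify(sql)
    if kind == "read":
        return Decision(True, "read-only")
    if code_freeze:
        return Decision(False, "code freeze active: writes blocked")
    if env in NON_PROD:
        return Decision(True, f"{kind} permitted in {env}")
    if kind == "destructive" and not approved_by:
        return Decision(False, "destructive action on prod needs human approval")
    suffix = f", approved by {approved_by}" if approved_by else ""
    return Decision(True, f"{kind} on prod{suffix}")
```

The gate only helps if the agent's database credentials cannot bypass it, so the agent process should hold no direct production write access of its own.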
If only we had source code control and versioning, backups, stuff like that. And some common sense. No one so inexperienced as a developer almost made a “$1M product.” This story doesn’t describe a problem with AI agents. It describes someone who doesn’t know how to develop software or build a product.
> What are your thoughts on this?
I wasted my time reading this post; the claim in the title is false.
I called my todo list a 1 billion dollar product! I prooooompted it for 17 minutes, now my production db is gone, even if I told the AI I just wanted to have a board meeting.
Based on the hype I’m willing to give you 100m today to turn your billion dollar idea into a trillion dollar one.
This is scary! It's high time we think 100 times about the security of these AI tools!
Indeed! I can't imagine how bad the situation was.