| ▲ | gregoriol 14 hours ago | |||||||
Why in the hell would it be able to access a _remote_ database?! In no acceptable dev environment would someone be able to access that. | ||||||||
| ▲ | heartbreak 14 hours ago | parent | next [-] | |||||||
Everywhere I’ve ever worked, there was always some way to access a production system even if it required multiple approvals and short-lived credentials for something like AWS SSM. If the user has access, the agent has access, no matter how briefly. | ||||||||
| ||||||||
| ▲ | prodigycorp 14 hours ago | parent | prev | next [-] | |||||||
Supabase virtually encouraged it last year haha. I tried using it once and noped out after using it for an hour, when claude tried to do a bunch of migrations on prod instead of dev. https://web.archive.org/web/20250622161053/https://supabase.... Now, there are some actual warnings. https://supabase.com/docs/guides/getting-started/mcp#securit... | ||||||||
| ▲ | kaydub 13 hours ago | parent | prev [-] | |||||||
I think LLMs are exposing how slapdash many people work when building software. | ||||||||