This is bad advice in 2026 for most people who would read it, since it advises taking a terrible security posture (give the agent access to everything,) in exchange for a relatively small improvement in workflows.

I say small improvement because my experience is that modern Agents are pretty good, so by the time they've handed it back to me to test it, there are usually only one or two remaining issues that I'll discover as we roll it out to Production.

▲

nyellin 10 hours ago | parent [-]

OP here: we don't give Claude Code access to prod. Everything is isolated cloud accounts for this purpose.

E.g. we give Claude credentials for db - but it's never prod data.

▲

jondwillis 9 hours ago | parent | next [-]

You should edit the article to suggest this point, it may not be obvious to everyone reading it.

	▲	nyellin 5 hours ago \| parent [-]
		Fair enough, I will update

▲

cozzyd 8 hours ago | parent | prev [-]

But what if there's only an error in prod?

	▲	nyellin 3 hours ago \| parent [-]
		It's a trade-off. In these scenarios we update our staging data for next time.