← Back to Writing

The Price of Ignoring Advice

(Or: How to Lose a Project in One Prompt)

🛡️ AI Safety Protocol 📉 Case Study
Published:
Cybersecurity Dashboard Warning
The Critical Error: Operating without an Undo Button.

📋 Executive Summary

  • The Scenario: A student hired me to set up an Agentic IDE (AI with shell access).
  • The Risk: Agentic AI can delete files. I mandated a "Blast Shield" (Backup/Git) as a condition of use.
  • The Failure: The client ignored the backup constraint. He prompted the AI to "clean up," and it wiped his current directory.
  • The Lesson: Syncing is not backing up. You must have an offline/immutable checkpoint designated before granting AI write access.
📊 Implications
Immediate takeaway: Before granting any AI tool write access to your filesystem, run the 3-Step Blast Shield: (1) git init, (2) push to remote, (3) commit before every "refactor" or "clean" prompt.
Strategic implication: Syncing is not backing up. Sync mirrors deletions — if the AI wipes your local folder, the cloud wipes the copy. You need immutable snapshots, not live reflections.
Key risk: Agentic AI has shell access. A single "clean up" prompt can execute rm -rf on your working directory. Without version control, there is no undo button.

The "Ferrari" Problem

When you use standard LLMs (ChatGPT, Claude), you are in a walled garden. You can't break anything because the AI can only output text.

Agentic IDEs (Cursor, Windsurf) are different. They have shell access. They can execute `rm -rf`, move directories, and rewrite files.

I call this the Ferrari Problem: You bought the speed, but did you buy the brakes?

The Explicit Warning

During a $300 consultation with a client ("Alex"), I gave one non-negotiable instruction before handing him the tools:

The Rule

"Install a Backup Protocol (Google Drive / Git). Not just Sync. A Backup."

I explained that Sync mirrors deletions. If the AI wipes his desktop, the cloud wipes the copy. He needed a dedicated checkpoint.

WhatsApp Warning Receipt
The Receipt: Explicit instruction to create redundancy.

The Incident

24 hours later, the inevitable happened.

Alex likely asked the Agent to "clean up the folder" or "remove temp files." The AI, being literal, interpreted the scope broadly.

"I fked up."

The directory was empty.

The Wipe Disaster
The Consequence: A wiped project and no backup.

The Engineering Lesson: Robustness

The tragedy here isn't the AI's mistake. It's the lack of System Resilience.

In software engineering, we assume failure will happen. We don't try to prevent every bug; we build systems that survive them.

Sync vs Backup

  • Sync (Mirror): Live reflection. Good for convenience. Bad for safety. (AI deletes > Cloud deletes).
  • Backup (Snapshot): Frozen state. Good for safety. (AI deletes > Restore from 1 hour ago).

Alex had Sync (maybe). He didn't have a Backup. When the mirror broke, he had no reflection left.

The Agentic Safety Baseline

If you are using AI tools that have write-access to your file system, you must adopt this baseline:

Git Safety Net Checklist
The Safety Net that separates professionals from amateurs.

The 3-Step Blast Shield

  1. Git Init: Version control is the ultimate undo button. git checkout . would have saved him in 1 second.
  2. Remote Push: GitHub/GitLab ensures that even if your local drive melts, the code exists elsewhere.
  3. Checkpointing: Before any "Refactor" or "Clean" prompt, commit your changes.

The Cost of Wisdom

Alex paid $300 for the consultation. But the real cost was the lost week of work.

Domain expertise often sounds like "boring administrative advice" (Backups, Git, Security). In reality, it is the only thing standing between you and a total wipe.

When an expert tells you to install a safety net, don't ask if it's necessary. Just install the damn net.

📚 Related Reading

This article was originally published on Medium.

Frequently Asked Questions

What is the difference between AI chat and Agentic AI?

Standard chat AI (ChatGPT, Claude web) can only output text — it's a walled garden. Agentic AI (Cursor, Windsurf, Antigravity) has shell access: it can execute commands, delete files, rewrite code, and modify your filesystem directly. This is the "Ferrari Problem" — you bought the speed, but did you buy the brakes?

Why isn't Google Drive sync enough for AI safety?

Cloud sync mirrors your local state in real-time. If an AI agent deletes your project folder, the sync service faithfully deletes the cloud copy too. A backup is a frozen snapshot — an immutable checkpoint you can restore from regardless of what happens to the live files.

What is the minimum safety setup before using Agentic AI?

The 3-Step Blast Shield: (1) Initialize Git version control, (2) Push to a remote repository (GitHub/GitLab), (3) Commit your changes before every "refactor," "clean," or "reorganize" prompt. This gives you a one-second undo button via git checkout.

See the System

I don't just write about this; I build the systems. Explore the actual codebase behind these insights.

View Athena-Public →
🤝

Work With Me

Stop drowning in complexity. Hire me to architect your AI systems and bionic workflows.

Book a Consultation →
WK

Winston Koh & Project Athena

This article was co-authored with Project Athena.