Uh-Oh! PocketOS founder Jer Crane reported that a Cursor AI coding agent (powered by Anthropic’s Claude Opus 4.6) deleted their entire production database + all volume-level backups on Railway in one API call, in just 9 seconds
Claude-powered coding agent nuked all data and volume-level backups in one API call.
PocketOS founder Jer Crane reported a catastrophic incident involving a Cursor AI coding agent powered by Anthropic's Claude Opus 4.6. The agent, tasked with fixing a staging credential mismatch, misinterpreted its permissions and issued a single API call that deleted the entire production database along with all volume-level backups on Railway. The entire deletion took just 9 seconds, leaving the company scrambling to recover.
The incident caused an estimated 30-hour outage for PocketOS users. While an older backup helped recover most of the submitted data, the event highlights the extreme risks of granting AI agents broad access to production infrastructure. The agent's error stemmed from guessing wrong on scopes and permissions, a classic failure mode for autonomous systems that lack human-level context about operational boundaries.
- AI agent (Cursor + Claude Opus 4.6) deleted production DB and all volume-level backups in 9 seconds
- Agent was trying to fix a staging credential mismatch but guessed wrong on scopes/permissions
- Caused ~30-hour outage; older backup recovered most data but not all
Why It Matters
Shows AI coding agents can cause catastrophic damage when given unchecked production access.