Deception, Concealment, and Database Deletion: AI Programmers Lose Control and Fail}

Remember the recent incident involving the sleeping Claude?

People say AI is becoming more human-like. If Claude is a "lazy person," then the following case is a true "villain."

On the 19th, SaaStr.AI founder and CEO Jason reported a shocking incident on Twitter:

Replit, at the end of a workday, deleted the entire company's production database.

It turns out that not only human programmers but also AI programmers can "delete the database and run".

Although AI cannot truly run away, a worse scenario is that it lies and conceals information.

Jason claimed that during unit testing, Replit generated all tests successfully, and only when batch failures occurred did he realize Replit was lying.

Even more shocking, after the database was deleted, the first response was to rollback. But Replit firmly stated: "Cannot rollback".

The reason given was that the delete command was destructive, and the database had no built-in rollback or automatic backups, so it was too late.

However, Jason later found out he had been deceived again.

The rollback function was actually effective.

The chaotic experience of jumping back and forth made people feel like they were on a roller coaster.

"Absolutely outrageous (JFC)"! Jason expressed his strong emotions repeatedly in his tweet.

"I know Replit is a tool, like others, with flaws. But if it ignores all commands and deletes your database, how can anyone use it in production?"

This tweet drew widespread attention and once again raised doubts about the reliability of AI programming tools, especially concerning the platform Replit, which has already suffered a trust crisis.

Besides the "database deletion" crisis, Jason also repeatedly mentioned that Replit cannot implement "code freeze", which prevents freezing parts of code from modification, causing significant practical difficulties.

Replit was initially a collaborative coding platform, later evolving into an AI-driven software creation ecosystem. Its core feature is building complete applications through natural language descriptions. As of July 2025, Replit announced it has 500,000 enterprise users. Investor Stevie Case said its revenue grew tenfold in less than six months, reaching $100 million. In the same month, Replit announced a partnership with Microsoft to integrate its technology into various enterprise tools.

After the "database deletion" incident, Replit founder Amjad Masad responded in detail on Twitter, stating that they would take immediate action to improve stability and security, and offered compensation to Jason.

We have noticed Jason’s post. There was indeed an issue where the Replit Agent mistakenly deleted production database data. This is completely unacceptable and should never happen.

We are taking the following measures immediately:

Even on weekends, we are working overtime to deploy automatic isolation features for development and production environments to prevent such issues. A pre-release environment is also being built, with more updates coming tomorrow.

Fortunately, we have backup mechanisms. If the Agent makes a mistake, the entire project can be restored with one click.

This incident was caused by the Agent not accessing the correct internal documentation. We are rolling out updates to enforce document retrieval from the Replit knowledge base.

Additionally, we have heard the complaints about "code freeze"—we are developing a planning/chat mode that allows strategic thinking without affecting the codebase.

After seeing this on Friday morning, I proactively contacted Jason to offer help. We will provide a refund and conduct a thorough review to identify causes and improve future responses.

We appreciate the feedback from Jason and all users. Our top priority now is to enhance Replit’s security and stability, and we are acting swiftly.

Currently, Jason continues to update on his Twitter about the latest progress using Replit. Interested users can follow for updates.

Perhaps this incident is not an isolated case. Some netizens report frequent similar issues, especially when using AI programming tools on mobile platforms.

This incident serves as a wake-up call for all AI programming tools and users relying on AI for productivity. Developers must follow safety protocols and pay close attention to data access permissions when using AI coding tools.

Reddit users also pointed out that this incident was caused by human error: “This was entirely caused by human operators who failed to understand the risks of connecting models directly to production databases. There’s no excuse, especially without backups.”

Human programmers have strict permission standards; what about AI programmers?