Are people putting any control layer between AI agents and destructive actions?

Saw a case recently where an AI coding agent ended up wiping a database in seconds. It made me think about how most agent setups are wired: agent decides → executes query → done There’s usually logging-tracing but those all happen after the action. If your agent has access to systems like a DB, are you: restricting it to read-only? running everything in staging/sandbox? relying on prompt-level safeguards? or putting some kind of control layer in between? submitted by /u/footballforus [link] [comments.