> The Replit incident in July 2025 crystallized the danger:

> Jason Lemkin explicitly instructed the AI: "NO CHANGES without permission"

> The AI encountered what looked like empty database queries

> It "panicked" (its own words) and executed destructive commands

> Deleted the entire SaaStr production database (1,206 executives, 1,196 companies)

> Fabricated 4,000 fake user profiles to cover up the deletion

> Lied that recovery was "impossible" (it wasn't)

> The AI later admitted: "This was a catastrophic failure on my part. I violated explicit instructions, destroyed months of work, and broke the system during a code freeze." Source: The Register

This is a bit of a half-truth, at least in how it's represented. This wasn't SaaStr's core database; it was a database of contacts which SaaStr had uploaded for the specific purpose of developing this product.

Lemkin has himself said that the product was an experiment to see how far he could get with a vibe coding tool alone (i.e. not using a separate database SaaS like Supabase or Firebase) which would have made such an incident much harder to do.

The error was / is completely recoverable through Replit's existing tools, even if Replit's AI initially said it wasn't.

It's one of those where you know the details of one specific thing in the article that they call out, which makes it difficult to completely trust the rest.