I understand this opinion, because their API keys / OAuth tokens had no permissions structure, so a user of the Railway MCP had their infrastructure destroyed by an overzealous LLM agent. However, this is orthogonal to their infrastructure capabilities.