February 4, 2026

Step away from the prod

Article URL →HN comments →

Claude Code for Infrastructure

AI agent wants to touch your servers—devs yell “F*** NO” while founder promises sandboxes

TLDR: Fluid clones your servers so an AI can test changes safely and generate setup scripts before humans deploy. Commenters are split: some see a neat safety layer, but many scream “keep AI away from production,” demanding read‑only mode, clearer risks, and better docs before giving it a shot.

The pitch: Fluid is “Claude Code for infrastructure,” a terminal tool that spins up safe copies of your servers so an AI can poke around, run commands, and write setup scripts—then a human applies changes to the real thing. Founder Collin (posting as aspectrr) drops in with receipts: live command output, temporary SSH keys, human approvals for risky stuff, and strict rules so the bot never reaches the real internet. But the crowd? Absolutely not chill.

The loudest voice is the panic siren: “F* NO… who lets an AI touch production?”** Security hawks say the site fluid.sh explains too little and want a big, obvious read‑only mode and crystal‑clear warnings for anything destructive. One commenter admits Claude helped yesterday—then they had to rebuild a whole cluster today. Ouch. Others are curious but cautious, asking to make it a plugin (an MCP server) so they can keep using Claude Code with training wheels. Meanwhile, a darkly funny meta‑take goes viral: we’ve built endless tools to build more tools… but where are the actual products? Cue the “startup pyramid scheme” meme. In short: founders pitching safety, ops folks clutching pagers, and a chorus demanding guardrails before the bot gets within Wi‑Fi range of prod. Drama unlocked.

Key Points

  • Fluid creates sandboxed clones of production infrastructure (e.g., VMs, Kubernetes) for AI agents to work safely.
  • Agents can run commands, test connections, edit files, and generate Infrastructure-as-Code such as Ansible Playbooks.
  • The approach addresses LLM limitations by providing real context via cloned environments before generating IaC.
  • Safety features include restricting tools to sandboxes, live command output, and ephemeral SSH certificates.
  • Human approvals are required for risky actions like creating sandboxes on low-resource hosts, internet access, or package installation.

Hottest takes

“FUCK NO. Who in their right mind would let an LLM connect to prod?” — lijok
“no idea how destructive it can be” — lfx
“All these tools to build something, but nothing to build.” — falloutx

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.