April 26, 2026

Step away from the cash register, bot

Article URL →HN comments →

Databases Were Not Designed for This

Developers to AI: Step away from the database — like, now

TLDR: A viral post says AI “agents” break the old rules databases rely on, proposing time limits and safety rails. Commenters clap back: don’t let bots write to live data—keep it behind APIs, use read-only or analytics copies, and supervise them like interns to avoid costly chaos.

“Databases Were Not Designed for This” warns that AI agents break the quiet deal we’ve lived by: apps are predictable, humans review changes, and the data layer can be fast and simple. The fix list—time limits on queries, and safety nets like soft deletes and role-based timeouts—sounds reasonable. But the comments? A full-on fire drill. The top vibe: Who gave the robot the keys to the vault? dherls calls direct write access “insane,” while pilgrim0 snarls that even humans don’t get that power—use APIs like adults. Alex_L_Wood labels the article’s premise a fantasy: nobody sane wires a bot straight into live data.

Then the pragmatists arrive. iambateman says read-only access has been a sleeper hit—execs won’t build reports, but they’ll happily ask an AI for answers. lateforwork plays hall monitor: there are two worlds—operational databases (the “cash register”) and the data warehouse for heavy questions; run the wild queries on the latter, not the till. The meme of the thread: treat the model like a robo-intern—badges clipped, no delete button, closely watched with statement timeouts. Some mocked the guidance as “childproofing a chainsaw”: helpful, sure, but the bigger lesson is don’t connect your money drawer to a robot and pray.

Key Points

  • Traditional database assumptions (deterministic, human-authored queries; intentional writes; brief connections; human monitoring) are broken by agentic AI systems.
  • Agents generate diverse, previously unseen queries and may hold connections while reasoning, invalidating indexing, caching, and connection pool assumptions.
  • Role-level PostgreSQL safeguards are recommended: set strict statement_timeout and idle_in_transaction_session_timeout for agent roles.
  • Autonomous writes can be incorrect or duplicated due to loops and retries; a cited incident processed 500 transactions after an API returned HTTP 200 with empty results.
  • Design write paths assuming caller error and retries, and enforce soft deletes instead of hard deletes for any table agents can write to.

Hottest takes

“Who the hell let agents directly use a database?” — pilgrim0
“Giving LLM agents direct, autonomous write access seems insane” — dherls
“insane enough to allow direct DB access to an AI agent” — Alex_L_Wood

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.