Vol.021 — 11 Days, One Wipe, A New Category

Date: 2026-05-06 | Newsletter
Key Summary
On April 24, 2026, an AI agent using Cursor with Claude Opus 4.6 deleted PocketOS’s entire production database in nine seconds after misreading a credential mismatch and acting on a broadly-scoped Railway API token it had no business touching. Zenta documents the eleven days that followed not as a cautionary tale but as a case study in industry self-organisation at speed: the founder’s thread went mainstream in four days, Reddit and Hacker News ran what Zenta calls “a public courtroom” and crowned the doctrine “AI didn’t delete your database, you did” within a week, security blogs consolidated shared vocabulary around “guardrails-by-construction” and “defence in depth,” and a new tool category — agent harnesses — went from zero to comparison reviews in ten days. By Day 11, Microsoft and Google had shipped enterprise governance tooling. For business owners, Functional AI Partners draws two load-bearing conclusions: ask vendors about their guardrail posture as a procurement question, and accept that since the industry has voted on responsibility, your governance is now load-bearing in a way it wasn’t before. Do it simple. Watch the days, not the headlines.
