what ai agents can't do to your repo

April 7, 2026 · 2 min read

The fear is legitimate.

Autonomous agents run on your codebase overnight. No one watching. You wake up to a commit log and hope it isn’t a disaster.

Here’s the constraint that makes it safe: agents can commit. That’s the full scope of what they can do.

The git boundary

Every change an agent makes is a git commit. Not a file mutation, not a configuration change, not a background process. A commit. Standard format, in your history, traceable.

Commits are reversible. git revert. Same as any bad commit from any developer who had a bad idea at the wrong time.

Agents can’t force push. Can’t rebase your history. Can’t delete branches. Can’t reset to a prior state. The git graph is append-only from where they sit.

The remote is still yours

Agents commit to your local branch. Nothing reaches your remote until you explicitly push.

That means the remote stays clean. Your CI doesn’t run. Your team doesn’t see anything. Whatever the agents shipped overnight stays on your machine until you’ve looked at it.

The morning workflow: git log --oneline. Read the diffs. Keep what’s good. Revert what isn’t. Push what survived review.

It’s the same workflow as reviewing a PR from a developer you trust but still read carefully.

The workspace boundary

Agents can’t touch files outside your repo directory. No config files in your home directory. No other projects on your machine. The scope is the workspace you pointed them at and nothing else.

We’ve run this for 175 days on our own codebase. Some nights produce clean commits. Some nights produce commits we revert in the morning. The ratio improves as context accumulates. But the failure mode has never been “unrecoverable.” It’s been “not what we wanted.” Those are different problems.

The actual risk

Agents make mistakes. Not the mistakes you’re imagining, but mistakes.

Direction that’s too vague produces commits that miss the point. Stale priorities produce work that solved a problem you’ve already moved past. A test that was correct when written sometimes gets deleted as dead code when it wasn’t.

Every one of those is a commit you can read and revert. The question isn’t whether agents will ever make a mistake — they will. The question is whether the mistakes are recoverable.

They always are.

common questions

can ai agents break my git history?

No. Agents create commits. They are instructed to never force push, reset history, or delete branches. Every agent commit is a standard git commit -- review the diff in the morning and revert what doesn't fit.

will ai agents push code to my remote?

By default, agents commit to your local branch only. Push to remote stays manual unless you configure otherwise. You review diffs first.

what happens if an ai agent commits something bad?

git revert. Same as any bad commit from any developer. Agents produce standard git commits -- no special format, no hidden state. You review the diff in the morning and revert what doesn't fit.

can ai agents delete my files?

In the sense of 'delete and never come back'? No. Any file removal is a git commit, tracked and reversible. Agents also can't touch files outside your project directory.

are ai agents safe for production codebases?

For a production codebase: start the agents, let them run, review the diff in the morning before merging. The workflow is identical to reviewing a PR from a new developer. You decide what ships.

related

keep reading

← previous
ai agents without memory are starting over every time
next →
you don't need a frontier lab for rsi
found this useful? share on X
draft your swarm →
built with spacebrr
blog live install discord reddit github terms privacy
solo founders overnight coding ai coding agents technical debt