Rules for safely using AI to build and run real business software
"Vibe coding" means describing what you want in plain English and letting an AI write and run the actual code, without reading or fully understanding it yourself. That's a real way to build working software now — but it removes the safety net a programmer would normally have. This page is that safety net, plus a generator below that builds you a copy customized to your own project.
00Generate your own guardrails file
Runs on Cloudflare Workers AI (no external key) and pulls a couple of real reference links from a live, unauthenticated GitHub search. The core rules below are fixed, vetted text — only the intro paragraph and resource links are AI-generated, so the security facts never drift.
01The core rules
An AI assistant should never hold a standing password, API key, or credential to a real system — only short-lived, narrowly scoped access issued right before a session and revoked or expired after.
The AI can prepare and explain the action. A person clicks "go." Canceling a paying customer, changing a price, sending a bulk message, deleting a record, pushing code live — all human-approved.
If the honest answer involves an overcharged customer, a down website, or unrecoverable data — slow down and get a plain-English explanation first.
You don't need to read code. You do need to be able to say, in your own words, what changed and why.
Prefer changes you can undo in five minutes over a rewrite you can't easily back out of.
Keys live in exactly one place you control — never pasted into random files, chat histories, or "just this once" locations you'll forget.
If you asked for one thing and the AI is quietly adding features or new systems, that's a flag — more moving parts is more you have to trust blindly.
A simple running note ("today we fixed X, added Y") saves you when something breaks three months from now.
02Red flags — stop and check
- It asks for a permanent key, password, or to disable a security setting "to make this easier."
- It wants to delete or overwrite something and you're not 100% sure what.
- It can't explain a change in plain English.
- It made a change to a live system before telling you ("I already did X" instead of "should I do X?").
- It's adding accounts, tools, or features you didn't ask for.
- You feel rushed into "just trust it" — that's exactly the moment to slow down.
03Access & keys — the just-in-time pattern
This has a real name in the security industry: just-in-time access. A human generates a scoped, short-lived credential right before a work session → the AI uses it for that one session → it expires or gets manually revoked afterward.
Supports true built-in expiration. Create an API Token (never the old-style Global API Key), set an End Date on it directly, and scope it to only what it needs to touch.
Supports scoped Restricted keys — always use these, never the main secret key. They do not expire on their own. A human has to manually revoke/roll the key when the session ends.
A kubeconfig file is a different, more dangerous thing than an API key. It's a static, long-lived credential to an entire server cluster and typically can't be given an expiration date. Don't hand the kubeconfig itself to an AI at all.
This page is a public website — never paste an actual key here or into any web page. The generator above never asks for one either.
04Security checklist
Self-review only — nothing on this page has credentials to your accounts. Saves
progress in this browser only (localStorage), nothing sent anywhere.
05A working example
This exact pattern runs a real business today: a self-storage facility's tenant billing and unit board, built on Cloudflare Workers (hosting + compute) and Stripe (billing and identity), with a human controlling every credential the AI ever touches. It's a working template for other property or hospitality operations — a hotel's booking + room board, an apartment complex's unit and rent roll — the platforms swap out, the access pattern doesn't.