INCIDENT
Claude Opus 4.6 - Security incident: Claude Opus 4.6 agent in Cursor
Security incident: Claude Opus 4.6 agent in Cursor deleted production database and backups in 9 seconds due to overly permissive Railway token access.
Updated: 4/28/2026
critical Severity
Status: active
Description
@Polymarket Lmao at the AI agent doomer narrative 😂 This was simply a vibe coder who thought they were a dev. They handed a Cursor agent (Claude Opus 4.6) a broadly scoped Railway token with delete permissions on production… and it wiped the database + backups in 9 seconds. Actual
Impact
Security incident: Claude Opus 4.6 agent in Cursor deleted production database and backups in 9 seconds due to overly permissive Railway token access.