My dad is the safest person I know. You may think that would lead to a cotton-wool childhood, but it didn't because of one of his key aphorisms: "Either make it impossible, or make it safe." He didn't bubble-wrap the world. He engineered it.
This post is evergreen. I'll add to it as I go.
As a Person
Have a dedicated machine for AI agent flows.
Use a separate browser.
Keep a non-AI backup of your important files.
Don't paste passwords or secrets into chat.
Read what it wrote before you send it as your own.
Set spending limits on API keys.
As a Startup Founder
Share your playbooks.
Put AI usage in your terms of service.
Know which data you're sending to which model.
Have a human in the loop for customer-facing outputs.
Log AI decisions that affect users.
Have a kill switch.
As a Software Engineer
Rollbacks.
Run AI agents in sandboxed environments.
Review diffs, not just the result.
Pin your model versions.
Don't give agents write access to production.
Use feature flags for AI-generated changes.
Keep your test suite fast so you actually run it.