Like an
Untrusted
System
Treat AI Like an Untrusted System
A production engineer's guide to using AI safely across DevOps, SRE, platform engineering, and infrastructure automation.
The machine got friendlier. The job got harder.
An honest argument for why production engineers need a different mental model for AI — not because AI is useless, but because it is most useful right before it leads you off a cliff.
Production engineering used to have a simple feedback loop: the machine was not your friend. If your config was wrong, the service did not start. If you misunderstood the system, the system did not gently explain. It just broke. That was frustrating, but it taught the right lesson — understand it, test your assumptions, build a mental model that matches reality.
AI changes the emotional texture of that relationship. Now the machine is polite. It explains things. It writes the Terraform, drafts the Kubernetes manifest, summarizes the outage, suggests the IAM policy. It feels less like a compiler and more like a helpful coworker. That is exactly what makes it dangerous.
This book is not anti-AI. It is anti-pretending-AI-is-a-coworker. It treats AI the way every senior engineer eventually learns to treat any new dependency that touches production: useful, constrained, observable, reviewable, and never blindly trusted. It maps that mental model onto the real surfaces production engineers work with — Terraform, Kubernetes, CI/CD, cloud ops, agentic workflows, prompt injection, observability — and gives you a practice you can take back to your team.
How the book sounds.
An excerpt from the opening of the book, draft prose, subject to revision.
I grew up learning computers when the machine was not trying to be helpful.
If something failed to compile, it failed. If a config was wrong, the service did not start. If you misunderstood the system, the system did not gently explain your mistake in a friendly tone. It just broke, logged something cryptic, and waited for you to figure it out.
That was frustrating, but it taught a useful lesson: the machine was not your friend. It was a system. You had to understand it, test your assumptions, read the errors, and build a mental model that matched reality.
AI changes the emotional texture of that relationship.
Now the machine is polite. It explains things. It gives you a confident answer. It writes the Terraform, drafts the Kubernetes manifest, summarizes the outage, suggests the IAM policy, and tells you the command to run next. It feels less like a compiler and more like a helpful coworker.
That is exactly what makes it dangerous.
The problem is not that AI is useless. It is incredibly useful. The problem is that it often feels most useful right before it leads you off a cliff. It can be persuasive without being correct. It can be specific without having enough context. It can produce something that looks production-ready while quietly misunderstanding your architecture, your risk tolerance, your security model, or the part of the system nobody remembered to document.
That is why production engineers need a different mental model.
Do not treat AI like magic. Do not treat it like a senior engineer. Treat it like an untrusted system with useful capabilities and a dangerous failure mode: it can sound right when it is wrong.
Working draft. Final manuscript will be edited and copyedited before publication.
What the book covers.
An introduction, sixteen chapters, and a closing argument. Subject to revision — chapters may be reordered, merged, split, or renamed as the manuscript develops.
The Machine Got Friendlier. The Job Got Harder.
Why AI makes engineering feel easier on the surface while quietly raising the bar for judgment, context, and critical thinking.
Confidently Wrong
How AI produces plausible answers, why that is dangerous in infrastructure work, and how engineers can learn to spot convincing nonsense before it reaches production.
AI Is Not Your Senior Engineer
A practical framing for what AI is good at, where it fails, and why "sounds right" is not the same as "is right."
The New Skill Is Judgment
Why the most valuable engineers will not be the ones who type the fastest, but the ones who can ask better questions, spot missing context, and validate the output.
Prompting Is Requirements Gathering
How to give AI useful constraints, architecture context, acceptance criteria, risks, and examples instead of tossing vague requests over the wall.
Context Is the Control Plane
Why AI output quality depends heavily on what it can see, what it is allowed to assume, and how well your repos, docs, ownership, and standards are structured.
Treat AI Like an Untrusted System
The core operating model of the book: AI should be sandboxed, reviewed, tested, permissioned, logged, and constrained before it touches anything important.
Guardrails Beat Vibes
How policy-as-code, IAM boundaries, branch protections, CI checks, approval flows, and test environments turn AI from a risky helper into a usable engineering tool.
The Agent Has Permissions Now
A realistic look at agentic workflows, tool use, MCP-style integrations, CI/CD agents, and what changes when AI can take actions instead of just writing text.
Multi-Agent Systems Without the Hype
How planner, executor, reviewer, security, and documentation personas can be useful, and where multi-agent setups become expensive prompt theater.
AI in Terraform, Kubernetes, and Cloud Ops
Practical examples of using AI for infrastructure work while avoiding common traps around generated Terraform, Helm changes, IAM policy edits, and cluster troubleshooting.
Prompt Injection Comes for DevOps
Why prompt injection is not only a chatbot problem, especially when AI reads tickets, logs, PRs, docs, build output, dependency files, or user-controlled content.
The Pipeline Is the Safety Net
How CI/CD becomes even more important in the AI era, because the pipeline is often the last place where generated changes can be tested, blocked, reviewed, or rolled back.
Observability for AI-Assisted Work
What teams should log, review, and measure when AI is contributing to engineering workflows, including generated changes, approvals, failures, and near misses.
Productivity Claims Need Evidence
A practical way to think about AI productivity, DORA metrics, developer experience, false speed, rework, review burden, and the difference between faster output and better outcomes.
The Human Still Owns Production
Why accountability does not disappear because AI suggested the change, and how teams should think about responsibility, review culture, incident response, and escalation.
Building Your AI-Ready Engineering Practice
A maturity model for teams adopting AI in production engineering, from ad hoc prompting to governed workflows with standards, patterns, and repeatable safety controls.
The Engineers Who Still Think Win
A closing argument that AI will reward engineers who understand systems, constraints, risk, and tradeoffs, not engineers who blindly accept the most confident answer.
And who it's not for.
Best for
DevOps engineers, SREs, platform engineers, cloud engineers, infrastructure engineers, security-minded engineering leaders, and senior software engineers who work close to production systems.
Especially for engineers and teams who are already using AI tools, or expect to soon, but do not want their adoption strategy to be "let everyone paste things into a chatbot and hope nothing weird happens."
Also useful for engineering managers, staff engineers, principal engineers, and architects who need to create practical AI usage standards for infrastructure, CI/CD, cloud, Kubernetes, Terraform, incident response, documentation, and operational workflows.
Not for
This is not a beginner "what is AI?" book. It is not a prompt engineering tricks book. It is not a generic business book about AI transformation. It is not a hype-driven tour of every new agent framework.
It is also not trying to convince people that AI will replace engineers.
The more interesting and useful question is how production engineering changes when AI becomes another actor inside the engineering workflow — sometimes writing code, sometimes reviewing it, sometimes reading logs, and sometimes holding credentials that can break real systems.
Where the book is today.
Currently writing.
The thesis, table of contents, and opening prose are stable. Chapters are being drafted, refined, and pressure-tested against real engineering teams adopting AI in production. No firm publication date — this page will be updated as launch milestones land.
If you want a feel for the voice and the lens before the book ships, the same operator-focused thinking shows up every week on Ship It Weekly and in the talk topics on Speaking.