How I let non-engineers ship AI tools to production — and the boring infrastructure that made it safe.

A product manager described a workflow in plain English — "every morning, pull yesterday's failed payments, group them by error code, and post a summary to our channel." Twenty minutes later it was running in production. She never opened an editor. She never saw a line of TypeScript. She talked to an agent, the agent wrote the code, and — once a human had reviewed the pull request — it shipped.

That sentence should make you nervous. It made me nervous, and I'm the one who built the thing.

The demo is "look, it wrote the code." The operation is "a marketer's tool now has a path to the payments database and nobody reviewed it." The interesting engineering isn't the part where an LLM writes code — that's the easy, demo-able part. It's the guardrails that decide whether the code it writes is allowed to exist.

Here's the platform, and the five problems I had to solve to make it safe to hand to people who can't read the code that runs.