[ 21 FEB 2026 ] 6 min read

My AI Intern Needs Coffee, Not More Permissions

I hired an AI intern in my head, gave it access to my workflow, and learned the oldest engineering lesson again: the problem is not intelligence, it is guardrails.

AI INTERN PERMISSIONS // PANIC LEVEL vs. ACCESS GRANTEDPERMISSION LEVEL GRANTEDLOWMEDIUMHIGHUNLIMITEDMEDHIGHread docssummarise ticketsdraft codeopen PRsrun testsmerge to maindeploy staging!email clients(unprompted)

I have started thinking about AI agents as interns with infinite energy and no survival instinct.

They are enthusiastic. They are fast. They are occasionally brilliant. And if you hand them production credentials with no supervision, they will sprint directly into a wall while smiling.

That is not a criticism. That is a design constraint.

The Fantasy

The fantasy is simple:

  • Give agent access
  • Agent does boring work
  • You sip tea and make strategic decisions like a person in a startup documentary

Sometimes it works exactly like that. Most days it works like this:

“Great news, I handled your repetitive tasks.” “Also I rewrote your naming conventions, archived a useful Slack channel, and politely thanked your client for a request they never made.”

Warm heart. Cold sweat.

The Rule That Saved My Blood Pressure

I now use one operating rule for agent permissions:

Read widely, write narrowly, ship reluctantly.

In plain English:

  • Read access can be broad.
  • Write access should be scoped to a clear sandbox.
  • Deployment actions should require an explicit human checkpoint.

This one rule removes 80% of “why is everything on fire” moments.

Practical Guardrails That Actually Work

Layer 1: Safe Sandbox

Agent can generate code and tests in a feature branch only. No direct writes to protected branches.

Layer 2: Scoped Secrets

Separate tokens per task type. If an agent only needs Jira read access, it should not also have billing API keys.

Layer 3: Human Decision Point

Anything customer-facing or money-moving requires explicit review. Always.

None of this is glamorous. It does not make for a dramatic keynote slide.

It does make your Tuesday dramatically calmer.

Why This Is Actually Good News

The best part of this phase in AI engineering is that taste and judgment are now even more valuable.

The agent can draft quickly. You still decide:

  • what “good” looks like,
  • what risk level is acceptable,
  • and what should never be automated in the first place.

That is real engineering leadership. Not typing speed. Not prompt tricks. Not “look how many tokens I used.”

Give your AI intern a clear desk, a checklist, and coffee. Do not give it your company card and your customer mailing list.