Even this can be made safe(r) if you only only only connect to your database nthrough a proxy that sanitizes queries. IIRC vitess adds an implicit LIMIT 10 to queries that don't have a limit.

A simple solution is to not allow UPDATE or DELETE statements without a WHERE clause.