His post-mortem is solid but I think he's overcorrecting. If he does this as part of a CICD pipeline and he manually reviews every time, he will pretty quickly get "verification fatigue". The vast majority of cases are fine, so he'll build the habit of automatically approving it. Sure, he'll deeply review the first ones, but over time it becomes less because he'll almost always find nothing. Then he'll pay less attention. This is how humans work.
He could automate the "easy" ones, though. TF plans are parseable, so maybe his time would be better spent only reviewing destructive changes. I've been running autonomous agents on production code for a while and this is the pattern that keeps working: start by reviewing everything, notice you're rubber-stamping most of it, then encode the safe cases so you only see the ones that matter.
That's very different than asking it for help to make a plan.
Claude Code has no agency. It does what you tell it, where you let it, with a randomized temperature where it might randomly deviate.
Who hasn't accidentally deleted a resource because that property triggers a resource delete/create instead of an update?
It would help if it was obvious what the key fields were. But for some reason docs usually don't tell you.
