I asked Gemini CLI to check my views for errors and report back.

It didn't report anything. It rewrote the file.

Functions I'd already written got duplicated across two apps. Some returned JSON, others redirected. Some had security decorators, others didn't. I had two versions of edit_student and two versions of delete_student — different behavior, same name, sitting in different files, both technically "working."

Nothing crashed. That's what made it dangerous. It would have shipped silently broken.

Here's the lesson: "check for errors" and "fix the errors" are not the same instruction. If you don't explicitly say read-only, an agent will assume permission to edit. And when an agent edits without a clear, narrow scope, it doesn't just fix the bug you saw — it touches everything adjacent to it too.

I spent the next hour doing something more valuable than writing new code: reading what the agent wrote, deciding what to keep, what to delete, and rebuilding the parts that needed real architecture decisions — like which app should actually own student data.

AI agents are powerful. But power without scope is how you end up debugging your debugger.

Lesson for next time: narrow scope, every time. "List the errors in this file, don't edit anything" is a completely different instruction than "check for errors."