KM4BI KM4BI

A Cursor Agent Wiped a Database in 9 Seconds. Agent Analytics Would Have Seen It Coming.

The Pocket OS incident is a warning that agent products need run-level analytics, not just sessions, chat volume, or engineering traces.

The Pocket OS story is a useful warning: when an agent can delete a production database and backups in seconds, the failure is not only technical. It is also a product analytics failure, because the team lacks a run-level view of what the agent was trying to do before the dangerous moment arrived.

Product analytics changes when users delegate work

Traditional analytics can track sessions, clicks, messages, funnels and conversions. In an agent product, the decisive event may be an instruction, a tool call, an approval request, a retry, a permission boundary or a human correction. The unit of behavior is delegated work.

Chat logs help, but they are not enough. They rarely expose which tools were available, which calls failed, where permissions blocked progress, whether the user corrected the result, or whether the final output was trusted.

The agent run is the new unit of analysis

The right lens is the agent run: what task was attempted, which workflow it belonged to, what tools were used, what failed, whether approvals were requested, whether the task completed and whether the user accepted the result.

This is different from engineering observability. A trace can show that an approval happened or that a run cost thirty cents. Product analytics must answer whether that approval improved safety or merely added friction, and whether the run created value.

Corrections are product signals

When users interrupt an agent, edit an output, deny approval, clarify instructions or reopen a task, they are labeling the run. Those events reveal missing context, unsafe actions, low trust or broken workflow design.

A practical starting point is three events: run started, task completed and user correction/intervention, all tied to the same run ID. That lets teams compare completion, acceptance and correction rates by workflow.

Takeaway

Agent products can show healthy activity while still producing dangerous outcomes. Teams need product analytics built on top of execution traces so they can spot defective runs and warning signs before an agent reaches a destructive action.

Source