4 Files That Made Claude Code Write Safe Prod-Database Code

A developer on r/ClaudeAI shares a practical setup that lets Claude Code safely interact with a production database (Convex). The key insight: safety comes from the substrate, not from the agent improvising.

The 4 Files

• ~/projects/agent-os/CLAUDE.md — identity file: who you are, what you sell, who you sell to, 90-day priorities. The agent reads, never asks.
• ~/.claude/projects/-home-jon/memory/MEMORY.md — auto-memory index: user profile, feedback rules, project state across sessions. Prevents the agent from relearning every conversation.
• references/framework.md — operator playbook: how decisions get made, what to optimize for, structural rules for scaling.
• decisions/log.md — append-only why-log: reversible decisions get one line; load-bearing ones get full receipts.

The Bridge: scripts/skool_sheets_to_convex.py

Stdlib Python, deterministic, runs on a 10-minute systemd timer. The agent calls it but did not generate it on demand. Production writes require:

• Environment variable SKOOL_ALLOW_PROD_WRITES=1
• A 401-preflight against an allowlisted Convex deployment slug
• Composite idempotency key: {tab_slug}:{normalized_transaction_id}
• Redacting logger that strips email-shaped substrings and known secret prefixes before any line hits the journal

Spec and Review Process

The spec lived in references/skool-api.md before any code existed. Codex reviewed it twice:

• First pass: killed a cookie-auth approach that would have violated Skool's ToS.
• Second pass: drove the prod-write guard.
• Both passes missed an inferred field assumption. A dry-run caught it.
• A quieter cache bug: _read_json swallowed JSONDecodeError and returned an empty dict. Under a corruption test (deliberately corrupt cache, run bridge), it would have silently rebuilt the processed-events cache and double-POSTed every row. Caught and fixed before the canary ran.

Takeaway

The author recommends copying connections.md first — knowing what your Claude setup can actually reach is the cheapest unlock.

None of the guardrails came from the agent improvising. They came from the spec, which came from research, which came from a workflow rule in memory: research, planning, spec, implementation, with adversarial review at each phase.