Is it safe to let an AI edit my site?
It's the right question to ask, and the honest answer is: on a bernard-hosted site, the safety doesn't depend on the AI being careful. It depends on what the system lets the AI do — which is deliberately, structurally limited.
Why it's safe
You hold the publish button. Every change the AI makes goes onto a draft. You get a preview link, you look at exactly what visitors would see, and only your Approve — given while signed in to your account — makes it live. The AI cannot publish; neither can anyone who somehow obtained its key.
The site can't run code. bernard sites are plain HTML and CSS — script-free by design, and enforced: scripts are stripped or rejected on every single write. There is no way to sneak in tracking, pop-ups or anything executable, whoever is doing the editing.
Everything is reversible. bernard keeps a full year of your site's history, every change recorded with a plain-English reason. Anything approved can be unapproved later — restore any version from your dashboard or just ask the AI to put it back.
The key is small and short-lived. It covers one site, expires after 12 hours, and is replaced (revoking the old one) the moment you mint a new one. The blast radius of a leaked key is: someone could edit a draft you'd then decline to approve.
The prompt
“Before you change anything on my site, tell me what you're allowed to do, what you're not allowed to do, and how I'd undo anything you change.”
The [bracketed] parts are yours to fill in. First time? Log in to bernard → your site → Edit with AI → copy your access prompt, paste that into your AI first, then ask the above.
Questions people ask
- Can the AI publish changes to my website without me knowing?
- No. Every change lands on a draft, and the live site only changes when you open the preview and press Approve, signed in to your bernard account. The AI has no publish ability at all — that's built into the system, not a promise.
- Can the AI break my website or add something malicious?
- bernard sites are script-free by design — the system strips or rejects any script on every write, so neither the AI nor anyone else can add tracking, pop-ups or malicious code. And because you approve a preview first, even an honest mistake never reaches your visitors.
- What's the worst case if the AI gets something badly wrong?
- Before approval: you reject the draft and the live site was never touched. After approval: bernard keeps a full year of history, so any version of any page can be restored. There is no unrecoverable state.
- How much access does the AI actually have?
- A key that works for 12 hours, for your one site only, with the ability to edit drafts and nothing more. It expires on its own, and minting a new key from Edit with AI revokes the old one instantly.