The Real Risks of AI, and Who Should Be Watching Them

The scariest headline about AI this year was probably about machines waking up and deciding they do not need us. It makes for a great film. It is also not the thing I lose any sleep over.
We build with these tools every day. We use AI coding agents to ship real work for real clients, and we sell templates that increasingly have AI features baked in. So when I say the sci-fi fears are a distraction, it is not because I think AI is harmless. It is because the actual harms are more boring, more immediate, and already sitting in front of you.
Let me lay out the risks that matter, and then the harder question nobody likes: who is supposed to be watching them.
The risks that are already here
Start with the one that catches everyone. A model will give you a confident, well-written, completely wrong answer. It does not hesitate. It does not say "I think." It states a made-up fact with the same tone it uses for a true one, and that tone is exactly what makes it dangerous. A nervous liar you can spot. A calm one you trust. People paste these answers into contracts, medical questions, and code without checking, and the error only surfaces later, when it costs something.
Then there is bias, which is quieter and harder to see. A model learns from a giant pile of human text, and human text is full of our old assumptions about who gets a loan, who gets flagged, who sounds "professional." The model does not invent these biases. It absorbs them and hands them back with a straight face, now dressed up as neutral math. That is arguably worse, because "the computer decided" feels objective in a way a human manager never could.
The third one is about you, not the model: over-trust. This is the risk I see most in ordinary use. Once a tool is right nine times, people stop checking the tenth. They hand over judgement they should have kept. A doctor, a lawyer, a founder, all slowly outsourcing the part of the job that was actually theirs to do. The tool did not fail. The habit around it did.

That is why we keep going on about oversight. If a tool is going to be wrong sometimes, and it will, then a person has to stay in the loop and stay awake. We wrote a whole piece on keeping a human in the loop because it is the single cheapest safeguard there is, and the first one people drop the moment the tool feels reliable.
Two more, quickly, because they are real. Privacy and security: every prompt you send to a hosted model is data leaving your building. Paste a client list, a private contract, or a customer's details into the wrong tool and you have handed it to a third party you never vetted. And job disruption, which is not a maybe. Some work that paid a person last year is done by a model this year. Pretending otherwise helps nobody. The honest conversation is about what changes and how fast, and we tried to have it in what AI will actually change in the next five years.
Who is actually responsible
Here is where a lot of writing goes soft, so I will not. Responsibility is not one thing sitting in one place. It is layered, and everyone in the chain likes to point at the layer above them.
The people building the models carry the first slab of it. If you train a system on the whole internet and ship it, you own what it learned, including the parts you would rather not talk about. "The data was messy" is not a defence when you chose the data. Builders set the defaults, and defaults are decisions.
- The companies shipping AI into products carry the next slab. You do not get to bolt a model onto your app, call it a feature, and shrug when it gives a customer bad advice. If you put it in front of people, you own how it behaves in front of people. That includes telling them plainly when they are talking to a machine.
- Regulators carry the slab that individuals cannot. No customer can audit a training set. No small business can force a giant lab to explain a decision. That is exactly the kind of gap rules exist to close, and "move fast" is not a good enough reason to leave it open. Sensible regulation is not the enemy of good AI. It is the floor under it.
And then there is us. The small studio. It would be easy to say the big risks are for the big players and we just build websites. I do not buy that. Every time we put an AI feature into a client's site, we are making a decision on their behalf and their customers' behalf. Did we tell people it is AI? Did we keep it from inventing prices or promises? Did we stop it from swallowing data it has no business holding? Those are our calls, at our scale, and nobody else is going to make them for us.
Small does not mean off the hook. It means the hook is closer to home, where you can actually reach it.
Doing it carefully is a choice, not an accident
None of this is an argument against AI. We would be out of business, and honestly out of ideas, without it. It is an argument against the lazy version, the one that ships a model, skips the guardrails, and hopes the confident wrong answer lands on someone else's desk.
Careful is not slow. It is a handful of habits: keep a person in the loop, be honest with users about what is a machine, guard the data you feed it, and stay a little suspicious of answers that arrive too smoothly. If you build with those in place from the start, most of the real risks shrink to something manageable. If you skip them, they compound quietly until one of them is your problem. We wrote more about the practical side of this in building responsible AI as a small studio, because the principles are cheap but the practice takes intent.
The point is not to fear AI or worship it. It is to treat it like what it is: a powerful tool that is often right, sometimes confidently wrong, and never, on its own, responsible. The responsibility stays with people. It always did.
If you are adding AI to your product and you want it done with the guardrails in, not bolted on later, that is exactly the kind of thing we like to think through with people. Talk to us about AI and we will be honest about where it helps you and where it would just get in the way.
Ready when you are.
Talk to us about AIGet the next one in your inbox
Occasional, practical notes on building sites that sell. No spam, unsubscribe anytime.
Keep reading

AI Agents That Write Code: What They Do Well and Where They Fail
An honest field report from a studio that uses coding agents every day. Where they genuinely help, where they still fail, and how we keep the wheel.

What AI Will Actually Change in the Next Five Years (and What It Won't)
A grounded take from a small studio on the AI changes that are already real and compounding, and the ones that are mostly noise.