Every AI coding assistant will happily rewrite your entire module when you ask for a one-line fix. The problem isn't the AI — it's that nobody checks the blast radius before hitting "apply."
What Is a Blast Radius Check?
Borrowed from SRE, a blast radius check answers one question: if this change is wrong, what breaks?
Before you accept any AI-generated diff, classify it:
| Blast Radius | Scope | Example |
|---|---|---|
| Tiny | One function, no callers | Rename a local variable |
| Small | One file, internal callers | Refactor a private helper |
| Medium | Multiple files, shared API | Change a function signature |
| Large | Cross-service, public API | Modify a database schema |
The 3-Step Check
1. Count the touched files
# After generating a diff
git diff --stat
If your "small fix" touches 8 files, stop. Ask the AI to scope it down.
2. Grep for callers
# Before accepting a function rename
grep -rn "oldFunctionName" src/
If there are 40 callers and the AI only updated 12, you've got a partial migration that will break at runtime.
3. Run the narrowest test
Don't run the full suite. Run only the tests that cover the blast radius:
# Run only tests in the affected directory
npm test -- --testPathPattern="src/auth"
If those pass, expand. If they fail, you caught it early.
A Prompt That Enforces This
Here's what I prepend to any refactoring request:
Before making changes, list:
1. Every file you will modify
2. Every function signature you will change
3. Every caller of those functions
Then wait for my approval before proceeding.
This forces the AI to surface the blast radius before it starts coding. Nine times out of ten, seeing the list makes me rethink the approach.
Why This Matters
I've watched AI assistants cheerfully rename a utility function that was imported in 30 files — and only update 15 of them. The code compiled. The tests that ran passed. The deploy broke production.
The blast radius check takes 60 seconds. The production incident takes 6 hours.
Start small: Add a blast radius check to your next AI-assisted refactor. If the scope surprises you, that's the check working.
Top comments (0)