Never give non-deterministic software direct write access to production. I am not sure how Railway handles permissions, but scoped access tokens and a fully isolated production environment with very strict access should be the default.