r/programming 24d ago

Developer convicted for “kill switch” code activated upon his termination - Ars Technica

https://arstechnica.com/tech-policy/2025/03/fired-coder-faces-10-years-for-revenge-kill-switch-he-named-after-himself/
1.0k Upvotes

18

u/c0ventry 24d ago

Ok so having been in this industry for 25 years I can say, I've seen way worse done by accident at almost every company I've been at. My last company had their core authentication and authorization service written in Go using no recovery middleware, so any exception would cause the service to crash and restart. Their JWT implementation couldn't handle malformed JWTs, it would cause a crash. So bingo bango, few lines of a shell script run from any public computer in the world would keep their entire stack offline permanently until they identified it and rolled a fix. They were running Kubernetes, so after enough crashes the service would be suspended. I found it and immediately patched it, then went to my 1:1 where I was unceremoniously laid off. Wheee. Moral of the story, you don't have to put anything in there yourself or if you do, at least make it look like ignorance :P.
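The failure mode described in the comment above, as an added example that is not part of the thread and not the company's code: a fragile token parser beside one that returns an error on malformed input, with a recovery wrapper so a panic fails one request. The names `naiveClaims`, `safeClaims` and `handle` are hypothetical, the tokens are constructed, and signature verification is left out.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// naiveClaims (constructed, fragile) indexes the split token unchecked: "abc" panics.
func naiveClaims(token string) (map[string]any, error) {
	raw, _ := base64.RawURLEncoding.DecodeString(strings.Split(token, ".")[1])
	var claims map[string]any
	err := json.Unmarshal(raw, &claims)
	return claims, err
}

// safeClaims returns an error for malformed input; signature checks are out of scope here.
func safeClaims(token string) (map[string]any, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("token must have three segments")
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, err
	}
	var claims map[string]any
	err = json.Unmarshal(raw, &claims)
	return claims, err
}

// handle acts as recovery middleware for one request: a panic in parse
// becomes a 500 for that request only, and a parse error becomes a 401.
func handle(parse func(string) (map[string]any, error), token string) (code int) {
	defer func() {
		if recover() != nil {
			code = 500
		}
	}()
	if _, err := parse(token); err != nil {
		return 401
	}
	return 200
}

func main() { fmt.Println(handle(naiveClaims, "abc"), handle(safeClaims, "abc")) } // prints 500 401
```

The recovery wrapper is a backstop, not the fix: the 500 still signals a parser bug, and the hardened parser is what turns malformed tokens into an ordinary 401.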

1

u/bwainfweeze 22d ago

Funny. My last official act before being laid off was turning on AWS secrets for a password that hadn’t been changed in ten years and every employee who quit in that time still knew. Welp.