Currently, your dev environment (npx convex dev) always acts "as you" when you're operating in an authenticated convex with your convex cloud accounts. That means, however, that if you're a project administrator, you can push prod.
This is a problem when agents "helpfully" decide to run npx convex deploy for you before you're ready.
The ability to limit the power of development keys to narrower scopes than the full power of the user is important for agentic engineering.