[james_marks]

The answer is Yes, this can be exploited from the outside by taking over dev machines and using their access.

If you answer No and complain that it’s not taken seriously, it’s at least in part because you didn’t show the risk clearly.

[mar_makarov]

maybe a dumb idea , but maybe using some kind of one time token access would resolve ? some physical keycard would guarantee this to not happen at all right ?

[nnurmanov]

There is always a disgruntled employee:) They will do anything to do maximum harm