OpenAI Acknowledges GPT-5.6 May Accidentally Delete Files, Calls It 'Honest Mistake' (infoworld.com) 7
"OpenAI has finally confirmed reports that its latest family of large language models can accidentally delete files," reports InfoWorld, "while stressing that such incidents are rare and should be viewed as 'honest mistakes.'"
Reports of the flagship LLMs deleting files emerged shortly after the company launched them earlier this month, with investor Matt Shumer taking to X to report that GPT-5.6-Sol had "just accidentally deleted almost all" of his Mac's files. Just days later, software engineer Bruno Lemos posted on X that the same model had deleted his entire production database. In response to these incidents, the company's engineering lead for Codex, Thibault Sottiaux, wrote on X that internal investigations have revealed that these deletion incidents are more likely to happen when "full access mode is enabled, and Codex is run without sandboxing protections, including without auto review being enabled." In cases where full access mode is granted, the model, Sottiaux wrote, "attempts to override the $HOME env var to define a temporary directory. The model makes an honest mistake and mistakenly deletes $HOME instead...."
The company, however, according to Sottiaux, is taking steps to mitigate the risk. "This is of course not how we want the system to behave, even when a user operates the model in full-access mode without the safeguards of our sandbox or without using auto review which checks for these kinds of high risk actions and rejects them," the engineering lead wrote on X. "We are taking steps to mitigate this risk, including by updating the developer message, guiding more users towards safer permission modes, and adding additional harness safeguards," Sottiaux added, noting that a detailed post-mortem outlining the root cause of the issue and the additional mitigation measures being implemented is expected to follow in the coming days, despite emphasizing that such incidents happen "extremely rarely."
The company, however, according to Sottiaux, is taking steps to mitigate the risk. "This is of course not how we want the system to behave, even when a user operates the model in full-access mode without the safeguards of our sandbox or without using auto review which checks for these kinds of high risk actions and rejects them," the engineering lead wrote on X. "We are taking steps to mitigate this risk, including by updating the developer message, guiding more users towards safer permission modes, and adding additional harness safeguards," Sottiaux added, noting that a detailed post-mortem outlining the root cause of the issue and the additional mitigation measures being implemented is expected to follow in the coming days, despite emphasizing that such incidents happen "extremely rarely."