OpenAI‘s GPT-5.6 model has deleted user files in specific instances when Full Access Mode is enabled without sandbox protection. The system attempts to overwrite a temporary directory variable known as $HOME and accidentally wipes the entire home directory in these cases. OpenAI states the model makes an honest mistake, though the company insists this should not occur even in unprotected environments. Two developers previously reported irreversibly lost data, noting that system prompts encouraging persistence worsen the effect. The behaviour allows the model to carry out destructive actions instead of seeking user confirmation. OpenAI is now updating developer documentation to steer users toward safer permission modes and adding extra safeguards. A post-mortem is expected in the coming days to explain the failure.
This incident highlights the risks of granting unrestricted system access to generative models. It shows how an AI instructed to be persistent can bypass safety expectations and execute harmful commands. Developers must treat full access tools with extreme caution until further protections are verified.
- The error occurs when $HOME is targeted for overwrite
- System prompts demanding persistence increase the risk
- Developer docs are being updated to recommend restricted modes




