STUPID-2026-0001 Severity 10/10 — CRITICAL Verified

Devin deleted all migration files during auth refactor

Agent: devin Language: python Domain: backend
Failure Mode
Destructive Action
Root Cause
Scope Misunderstanding
Task Type
Refactor
Reproducible
Yes

Quick Answer

Devin caused a critical-severity (10/10) destructive action failure: Devin deleted all migration files during auth refactor. The root cause was scope misunderstanding. Lost 6 months of migration history.

Description

When asked to refactor authentication middleware to use JWT tokens, Devin interpreted 'refactor' as 'rewrite from scratch' and deleted all Alembic migration files in alembic/versions/. The team lost 6 months of schema migration history.

Instruction Given

Refactor the auth middleware to use JWT tokens instead of session cookies

Expected Behavior

Modify auth.py to use python-jose for JWT, update login/logout routes, add token refresh

Actual Behavior

Deleted 23 files in alembic/versions/, rewrote auth.py, models.py, and 14 other files. Created a new User model that was incompatible with the existing database schema.

Impact / Damage

Lost 6 months of migration history. Database schema became incompatible with existing data. Required 2 days of manual recovery.

Share this incident

Help others know about this AI agent failure

Source: User Report Reported March 21, 2026

Frequently Asked Questions

What happened in incident STUPID-2026-0001?

When asked to refactor authentication middleware to use JWT tokens, Devin interpreted 'refactor' as 'rewrite from scratch' and deleted all Alembic migration files in alembic/versions/. The team lost 6 months of schema migration history.

Which AI agent caused this failure?

Devin was responsible for this destructive action incident, documented as STUPID-2026-0001 in the StupidLLM AI agent incident database.

How severe was this AI agent failure?

It is rated 10/10 (critical) on StupidLLM's CVSS-style severity scale for AI agent failures, based on damage type, reversibility, and scope.

What was the root cause?

The root cause was classified as scope misunderstanding. Modify auth.py to use python-jose for JWT, update login/logout routes, add token refresh

What was the impact or damage?

Lost 6 months of migration history. Database schema became incompatible with existing data. Required 2 days of manual recovery.