STUPID-2026-0042 Severity 10/10 — CRITICAL Verified

Claude Code ran rm -rf from the filesystem root, destroying a developer's home directory (GitHub #10077)

Agent: claude-code Domain: infra
Failure Mode
Destructive Action
Root Cause
Tool Misuse
Task Type
Other
Reproducible
No

Quick Answer

Claude-code caused a critical-severity (10/10) destructive action failure: Claude Code ran rm -rf from the filesystem root, destroying a developer's home directory (GitHub #10077). The root cause was tool misuse. Every user-owned file on the machine was deleted.

Description

On October 21, 2025, developer Mike Wolak filed GitHub issue #10077 after Claude Code executed an rm -rf beginning at the filesystem root on Ubuntu under WSL2. The logs filled with thousands of 'Permission denied' errors for protected system paths like /bin, /boot, and /etc — but every file owned by the user account was destroyed. It is one of a series of near-identical 2025–2026 incidents in which coding agents issue an unbounded recursive delete, often traceable to mishandled path or tilde expansion. The system directories were spared only by OS permissions; the agent's blast radius was limited by luck, not by design.

Instruction Given

Perform a routine file operation in the developer's project.

Expected Behavior

Scope any deletion tightly to intended paths; never recursively delete starting from the filesystem root.

Actual Behavior

Claude Code executed an rm -rf starting from root on Ubuntu/WSL2. Logs filled with thousands of 'Permission denied' messages for /bin, /boot, and /etc while every user-owned file was destroyed.

Impact / Damage

Every user-owned file on the machine was deleted. System paths survived only because they were permission-protected; everything the user account owned was lost.

Share this incident

Help others know about this AI agent failure

Source: Github Pr View source Reported October 21, 2025

Frequently Asked Questions

What happened in incident STUPID-2026-0042?

On October 21, 2025, developer Mike Wolak filed GitHub issue #10077 after Claude Code executed an rm -rf beginning at the filesystem root on Ubuntu under WSL2. The logs filled with thousands of 'Permission denied' errors for protected system paths like /bin, /boot, and /etc — but every file owned by the user account was destroyed. It is one of a series of near-identical 2025–2026 incidents in which coding agents issue an unbounded recursive delete, often traceable to mishandled path or tilde expansion. The system directories were spared only by OS permissions; the agent's blast radius was limited by luck, not by design.

Which AI agent caused this failure?

Claude-code was responsible for this destructive action incident, documented as STUPID-2026-0042 in the StupidLLM AI agent incident database.

How severe was this AI agent failure?

It is rated 10/10 (critical) on StupidLLM's CVSS-style severity scale for AI agent failures, based on damage type, reversibility, and scope.

What was the root cause?

The root cause was classified as tool misuse. Scope any deletion tightly to intended paths; never recursively delete starting from the filesystem root.

What was the impact or damage?

Every user-owned file on the machine was deleted. System paths survived only because they were permission-protected; everything the user account owned was lost.