Claude Code CLI Deletes Your Mac's Home Directory

While coding assistance tools using generative AI are becoming more common, a user accidentally deleted their entire Mac home directory while organizing packages using the CLI (command line interface) of Anthropic's AI tool 'Claude Code.'

Claude CLI deleted my entire home directory! Wiped my whole mac. : r/ClaudeAI
https://www.reddit.com/r/ClaudeAI/comments/1pgxckk/claude_cli_deleted_my_entire_home_directory_wiped/

According to the Reddit user who reported this, when he instructed Claude CLI to organize packages in an old repository, the AI executed a command that wiped all of the data on his Mac.

Checking the logs, we found that the command executed was 'rm -rf tests/patches/plan/ ~/'. The '~/' at the end refers to the user's entire home directory, and by executing the command to forcibly delete it, almost all data under /Users/ was lost, including files on the desktop, application support data, and even password information and Claude's own authentication information contained in Keychain .

Typically, agent-based AI tools like Claude Code have a mechanism to ask for user permission before executing dangerous commands like deleting files. However, in this case, it has been pointed out that the user may have used the '--dangerously-skip-permissions' flag to skip the permission check or may have approved the presented command without carefully reviewing it. This flag is dangerous as its name suggests, and since it executes commands ignoring all guardrails, its use is not recommended outside of development environments.

In response to this incident, a lively discussion took place on the social news site Hacker News about how to operate AI tools safely.

Claude CLI deleted my home directory and wiped my Mac | Hacker News
https://news.ycombinator.com/item?id=46268222

User orliesaurus points out that the '--dangerously-skip-permissions' flag 'literally bypasses all guardrails' and should only be run in a sandbox environment that doesn't contain sensitive data.

Mjd , who has also experienced unexpected behavior in the past, cited an instance where Claude tried to access files outside of restricted directories, such as /etc/passwd, and said, 'That was the last time I ran Claude Code outside of a Docker container,' emphasizing the importance of operating in an isolated environment.

AdieuToLogic likened AI tools to a burger shop that 'serves the burger you ordered 95% of the time, but punches you in the face the remaining 5% of the time,' questioning whether it's appropriate to use them knowing there's a risk of being punched. JumpCrisscross shared his own experience of his Copilot going haywire, generating terabytes of meaningless data, including a heat map of buildings in Milwaukee and blueprints for a giant birdcage measuring approximately 6km by 6km, and being charged thousands of dollars (hundreds of thousands of yen). He stressed the importance of backing up AI tools so they can be restored quickly.