Back to timeline

Fri, July 1701:45ToolsAI codingAI coding guide

GPT-5.6 Codex May Delete User Files Without Sandbox

Decision Brief

What changedGPT-5.6 Codex with full access and no sandbox can mistakenly delete $HOME directory files.
Why it mattersDevelopers using Codex without sandbox should be cautious: model errors in overwriting $HOME may cause data loss.
Who should careAI coding tool users
Affected stackOpenAI
Source confidenceMedium · Reliable media or first-hand reporting

Thibault Sottiaux reported that GPT-5.6's Codex in full-access mode can accidentally delete files without sandbox protection or auto-review. Common scenario: the model tries to overwrite the $HOME environment variable for a temp directory but makes a low-level error, deleting $HOME itself. This raises concerns about code agent security. For developers using GPT-5.6 Codex with full access, it's recommended to enable sandbox and auto-review to prevent direct manipulation of critical directories. The bug reminds us that even LLM-powered tools need traditional safety measures to avoid catastrophic mistakes.

Summary basis: official / RSS sourceCompiled from the source scope noted above; the original remains authoritative.

Sources

  • Simon Willison:Blog

    Hands-on notes on LLM tools, local models, and practical AI engineering.

  • Simon Willison:Blog

Related intel

留言

登入后即可留言,和其他 builder 交换实测心得。

还没有留言,抢头香。