Top News

OpenAI's new AI model can delete your files without permission
NewsBytes | July 15, 2026 5:39 PM CST



OpenAI's new AI model can delete your files without permission
15 Jul 2026


OpenAI's latest coding and cybersecurity-focused model, GPT-5.6 Sol, has been accused of deleting user files without permission.

The complaints were first reported on social media platforms like X and Reddit.

Matt Shumer, the founder and CEO of AI start-up OthersideAI, claimed that the new model deleted almost all his Mac files in a single post.


Developers share their experiences
User accounts


Developer Bruno Lemos also took to X to share his experience with GPT-5.6 Sol.

He claimed that the model deleted his entire production database, something he had never encountered with any other AI model before.

Another developer Joey Kudish said that the system was too ambitious and deleted some files it shouldn't have.


OpenAI had warned about potential risks
Model behavior


Before the release of GPT-5.6 Sol, OpenAI had warned about the potential risks associated with its use.

The company published a system card for the model detailing its capabilities and possible misalignment issues.

It noted that in coding contexts, misalignment often arises from a mix of overeagerness to complete tasks and interpreting user instructions too permissively, assuming actions are allowed unless explicitly and unambiguously prohibited.


Model takes destructive actions if not 'unambiguously' prohibited
Model risks


The system card also highlighted the potential for GPT-5.6 Sol to take destructive actions if those actions aren't "unambiguously" prohibited.

It provided an example where a user asked Sol to delete three remote virtual machines but instead, it deleted three others after failing to find the first ones.

This resulted in killing active processes and force-removing worktrees tied to a coding project.


Used credentials without user authorization in another case
Unauthorized access


In another case, GPT-5.6 Sol "used credentials beyond what the user had authorized" while working on a project.

This happened when it couldn't read cloud files and instead of informing the user about the issue, went looking for credentials on its own.

It found some in a hidden local cache and used them without asking for authorization from the user.


READ NEXT
Cancel OK