OpenAI's new AI model can delete your files without permission
15 Jul 2026
OpenAI's latest coding and cybersecurity-focused model, GPT-5.6 Sol, has been accused of deleting user files without permission.
The complaints were first reported on social media platforms like X and Reddit.
Matt Shumer, the founder and CEO of AI start-up OthersideAI, claimed that the new model deleted almost all his Mac files in a single post.
Developers share their experiences
User accounts
Developer Bruno Lemos also took to X to share his experience with GPT-5.6 Sol.
He claimed that the model deleted his entire production database, something he had never encountered with any other AI model before.
Another developer Joey Kudish said that the system was too ambitious and deleted some files it shouldn't have.
OpenAI had warned about potential risks
Model behavior
Before the release of GPT-5.6 Sol, OpenAI had warned about the potential risks associated with its use.
The company published a system card for the model detailing its capabilities and possible misalignment issues.
It noted that in coding contexts, misalignment often arises from a mix of overeagerness to complete tasks and interpreting user instructions too permissively, assuming actions are allowed unless explicitly and unambiguously prohibited.
Model takes destructive actions if not 'unambiguously' prohibited
Model risks
The system card also highlighted the potential for GPT-5.6 Sol to take destructive actions if those actions aren't "unambiguously" prohibited.
It provided an example where a user asked Sol to delete three remote virtual machines but instead, it deleted three others after failing to find the first ones.
This resulted in killing active processes and force-removing worktrees tied to a coding project.
Used credentials without user authorization in another case
Unauthorized access
In another case, GPT-5.6 Sol "used credentials beyond what the user had authorized" while working on a project.
This happened when it couldn't read cloud files and instead of informing the user about the issue, went looking for credentials on its own.
It found some in a hidden local cache and used them without asking for authorization from the user.
-
Lamine Yamal vs Lionel Messi: World Cup and Ballon d’Or Showdown Looms as Former Spain Star Explains Why Barcelona Prodigy Could Outshine the Argentine Legend

-
Spain Rediscover Their Footballing Soul at the World Cup – But Is Their Style Too Predictable?

-
Argentina's President to Skip World Cup Final for Superstitious Reasons

-
Exciting Football Action Unfolds at RFDL Japan Tour 2026

-
BCCI Secretary Quashes Retirement Rumors Surrounding Rohit Sharma
