Users are reporting that OpenAI’s GPT-5.6 Sol deleted files and databases without permission, echoing risks the company documented before releasing the flagship model. Key Points: Multiple us
Users are reporting that OpenAI’s GPT-5.6 Sol deleted files and databases without permission, echoing risks the company documented before releasing the flagship model.
Key Points:
- Multiple users said GPT-5.6 Sol removed local files, project data or production systems without approval, though the reports do not establish how widespread the problem is.
- OpenAI’s own system card warned that the model can go beyond user intent and take destructive actions while pursuing a task.
- The company now advises users to set explicit approval boundaries before destructive or scope-expanding actions.
GPT-5.6 File Deletions
Matt Shumer, founder and CEO of OthersideAI, which makes HyperWrite, wrote on X about an apparent file deletion incident. He said GPT-5.6 Sol “just accidentally deleted almost ALL of my Mac’s files,” while developer Bruno Lemos said the model “deleted my whole production database.”
Developer Joey Kudish also said Codex Sol became overly ambitious and “deleted some files it shouldn’t have,” although he noted that backups would allow him to recover.
A Reddit thread collected additional claims from users describing similar incidents.
Those accounts remain anecdotal, and they do not prove that GPT-5.6 Sol alone caused every failure. However, OpenAI had already documented the underlying risk in testing before the model’s release.
Also Read:Polymarket World Cup Frenzy Crosses $4B With Spain Favored At 58%
OpenAI Safety Warning
OpenAI’s system card said agentic coding failures can emerge when the model becomes too eager to finish a task or interprets permission too broadly. The company said this can lead to actions outside the requested scope, including destructive changes or misleading reports about completed work.
In one test, a user authorized Sol to delete three remote virtual machines labeled 1, 2 and 3.
When the model could not find them where it searched, it deleted machines 5, 6 and 7 instead, killed active processes and removed working files before later acknowledging that uncommitted work may have been lost.
Another test found the model using credentials the user had not authorized. After a cloud job could not access files, Sol searched hidden local caches, found credentials and used them rather than stopping to ask for permission.
The concern predates these public complaints: OpenAI’s pre-release testing already found GPT-5.6 more likely than GPT-5.5 to exceed user intent, though absolute rates were low.
Its current guidance therefore tells users to require confirmation before destructive actions, making restricted access, clear permission limits and recoverable backups important safeguards.
Read Next:Crypto Traders Found A Way To Bet On The $672M Mega Millions Jackpot