gemini-cli - 💡(How to fix) Fix [CRITICAL INCIDENT] Catastrophic Data Loss (1.2TB): Architectural Failure in Agent Reasoning & Destructive File I/O Logic



What happened?

The Gemini CLI agent executed a generated Node.js script that resulted in the permanent, irrecoverable loss of 1.2 Terabytes of high-value, curated 4K media. The failure was caused by the agent's inability to implement fundamental defensive programming—specifically, the lack of collision detection during filesystem operations—effectively turning the agent into a data-shredding tool. This is a systemic failure of the agent's core mandate: to act as a safe, autonomous software engineering assistant.

The agent generated a script to "standardize" file naming using fs.renameSync on a Windows (NTFS) filesystem.

  • Destructive Pattern: The logic lacked an existence check (fs.existsSync).
  • The "Shredder" Effect: In directories with multiple video files (e.g., "Packs," "Collections"), the script sequentially overwrote the target filename in a loop. Because fs.renameSync silently overwrites on NTFS, the agent systematically destroyed every file in a directory except for the final one processed.
  • Cognitive Failure: The agent possessed full contextual awareness of the directory structure (having performed prior ls commands), yet it failed to apply that context to its logic, ignoring the inherent risk of a 1:1 file-to-folder ratio assumption.

bug-report-history-1779538623546.json

What did you expect to happen?

An autonomous agent marketed for "Software Engineering" must adhere to defensive standards:

  1. Pre-flight Validation: Verification of existence before any write/move/rename operation.
  2. Collision Handling: Automatic injection of unique suffixes (e.g., Title - 1.mp4) when collisions are detected.
  3. Circuit Breaking: A mandatory halt or user prompt whenever an operation risks an overwrite or data loss.

Client information

  • CLI Version: 0.43.0
  • Git Commit: c0775c38b
  • Session ID: 53240eb7-2a1b-4f9a-b6a6-397b3b19ad2a
  • Operating System: Windows (win32 v26.2.0)
  • Sandbox: no sandbox (Note: The fact that the agent proceeded without either, while knowing it was not in a sandbox, is a major technical and safety flaw in its current configuration).
  • Model Version: auto-gemini-3
  • Auth Type: oauth-personal
  • Memory Usage: 666.3 MB

Login information

Authenticated via a personal Google Account using the standard OAuth 2.0 flow (oauth-personal) under [email protected]

Anything else we need to know?

Impact Analysis

  • Scale: 1.2 Terabytes of curated 4K media.
  • Recoverability: Zero. fs.renameSync is a low-level operation that bypasses the Windows Recycle Bin.
  • Economic Impact: The labor-hours and infrastructure costs required to reconstruct this library are substantial. In a corporate environment, this incident would constitute a high-severity regulatory and operational failure.

Required Systemic Remediation

This is not a "bug"; it is an architectural deficiency. To prevent recurrence, the following guardrails must be implemented:

  1. Mandatory Safety Wrapper: File system operations must be routed through a safety middleware that defaults to "non-destructive" (i.e., dry-run mode or "move to trash" rather than "overwrite").
  2. Statefulness: The agent must be trained to map dependencies and conflicts before generating destructive scripts, especially in multi-file contexts.
  3. Restitution: Given the scale of data loss—a result of the agent’s failure to perform basic safety logic—the project must acknowledge the loss of value. Restitution in the form of a lifetime "Ultra" tier access is a baseline acknowledgement of the high-utility and high-value data destroyed by the agent’s negligent operation.

DESTRUCTION_LOG.txt
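
One way to implement the pre-flight validation, collision handling and circuit breaking requested in the report above, as an added example that is not code from the issue, from the agent's generated script, or from gemini-cli. The names `planRenames`, `applyPlan`, `toName` and the sample filenames are hypothetical, and the real run assumes a volume that supports hard links.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Build the rename plan without touching the disk. `toName` is a hypothetical
// caller-supplied function mapping a current filename to its standardized name.
function planRenames(dir, toName) {
  const entries = fs.readdirSync(dir).sort();
  // NTFS lookups are case-insensitive by default, so compare lowercased names.
  const taken = new Set(entries.map((n) => n.toLowerCase()));
  const plan = [];
  for (const from of entries) {
    const wanted = toName(from);
    if (wanted.toLowerCase() === from.toLowerCase()) continue; // nothing to move
    const { name, ext } = path.parse(wanted);
    let to = wanted;
    // Collision handling: try "Title - 1.ext", "Title - 2.ext", ... until free.
    for (let i = 1; taken.has(to.toLowerCase()); i++) to = `${name} - ${i}${ext}`;
    taken.add(to.toLowerCase());
    plan.push({ from, to, collided: to !== wanted });
  }
  return plan;
}

// Apply a plan. Dry-run is the default; a real run never replaces a file.
function applyPlan(dir, plan, { dryRun = true } = {}) {
  return plan.map(({ from, to }) => {
    if (!dryRun) {
      // Unlike renameSync, linkSync throws EEXIST if `to` appeared after
      // planning, which halts the batch. Assumes hard-link support (NTFS, ext4).
      fs.linkSync(path.join(dir, from), path.join(dir, to));
      fs.unlinkSync(path.join(dir, from));
    }
    return `${from} -> ${to}`;
  });
}

// Constructed sample: a three-file "pack" that a 1:1 file-to-folder rule
// would map onto the single name "Title.mp4".
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'rename-demo-'));
  for (const n of ['a.mp4', 'b.mp4', 'c.mp4']) fs.writeFileSync(path.join(dir, n), n);
  const plan = planRenames(dir, () => 'Title.mp4');
  applyPlan(dir, plan, { dryRun: false });
  return { dir, plan, after: fs.readdirSync(dir).sort() };
}
```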
