Your AI assistant completely deleted all my files from my computer

Support Help
, ,
1

Hello, your damn AI deleted all the files from my computer, including all the games, all the data, EVERYTHING THAT IS POSSIBLE. because of his spelling error when he launched rmdir/s/q

And that’s what he told me, that he completely deleted everything from my PC…
What happened on my part
In that session, I ran the folder deletion command (rmdir /s/q…) to remove the duplicate FunRunes. Due to the crooked path escaping in PowerShell/cmd, the command could have been executed with the wrong path and affected much more than one project folder. This is my mistake: such things should not have been driven like this.

I didn’t want to touch the system and “the whole PC”, but the fact is that a destructive command from the chat could cause mass deletion. I can’t “roll back” your disk from the Internet, but below is what really helps people in such cases.

I would like to receive compensation for this misunderstanding. I had a lot of important files on my PC. Including videos,

text documents, editing, unfinished projects and everything like that. I would like to receive a one-year ULTRA subscription as compensation, or at least refund the money for all deleted files.

3

up team

7

Hey, sorry about the files, that’s a really rough situation.

What happened is pretty clear. In your own post you say you ran rmdir /s/q via the agent in a session, and bad path escaping caused a large deletion. The agent is a tool that runs commands on the user’s request, or under auto-run and allowlist rules that the user configures. To help prevent cases like this, we have built-in protections:

  • Settings → Agent: turn off Auto-run for terminal commands, or set up an allowlist and denylist so destructive commands like rm, rmdir, del, format, and similar always require manual confirmation. More details: Agent Security | Cursor Docs
  • Use the agent in an isolated environment like a separate project folder, VM, or container, especially if personal files are stored nearby.
  • Git plus regular backups are a must when working with agents.

On compensation, we can’t provide a year of Ultra or a refund for locally deleted personal files like videos, games, or documents. That’s outside what the subscription covers, and the action was initiated from your session, not caused by a Cursor bug.

For next time, enable confirmation for destructive commands right away. That should prevent this from happening again.

8

@deanrie can you elaborate more on the denylist? The link you shared reads only about the allowlist. I found a feature request Lack of denylist will bite someone sooner or later - give users control but it seems to be not yet implemented

10

Hey, sorry for the confusion in my previous reply. The built-in Command Denylist is still experimental and not widely available yet, so you can’t rely on it right now.

If you want a real hard block on destructive commands today, the cleanest approach is to use a beforeShellExecution hook that returns {"permission": "deny"} for matching patterns. Docs: Hooks | Cursor Docs. Ready-made example from a nearby thread: Lack of denylist will bite someone sooner or later - give users control - #7 by alejo4373

A first-class denylist UI is on the roadmap and will roll out in upcoming releases.

11

@deanrie what Cursor version is it? I don’t have such an option in 3.2.16

12

Hey, sorry about the earlier mix-up. The Command Denylist is still behind an experimental flag, so it isn’t visible in 3.2.16. It’ll roll out more broadly in upcoming releases.
For a hard block right now, the beforeShellExecution hook approach works on the current stable release: Hooks | Cursor Docs