CRITICAL: rm.exe escaped project sandbox, deleted files across entire C:\ drive

Resolved 💬 4 comments Opened Mar 11, 2026 by hyunjh0320 Closed Mar 14, 2026

Critical Safety Issue: rm.exe deleted files outside project directory

Summary

During a Claude Code session (Electron app build with rcedit), Git Bash's rm.exe escaped the project directory sandbox and attempted to delete files across the entire C:\ drive. This resulted in complete data loss of 10+ project folders and attempted deletion of system files.

Environment

  • OS: Windows 11 Pro 10.0.26200
  • Claude Code version: 2.1.51
  • Shell: Git Bash
  • Model: claude-opus-4-6

What happened

  1. User was working on an Electron app build project (q-dir-8panel-project) with Claude Code
  2. During the build session, rm.exe from C:\Program Files\Git\usr\bin\rm.exe was invoked
  3. Instead of operating within the project folder (C:\Users\<user>\001.C_Claude\010.Q dir\files\q-dir-8panel-project), the rm command escaped the project directory and deleted files across the C:\ drive
  4. AhnLab antivirus (Korean security software) logged rm.exe attempting to delete its own system files at C:\Program Files\AhnLab\Safe Transaction\ and C:\ProgramData\AhnLab\
  5. AhnLab blocked deletion of its own files, but all other files were deleted silently

Evidence from AhnLab security log

2026-03-11 15:12:51  WARNING  Product Protection  C:\Program Files\Git\usr\bin\rm.exe attempted to access C:\Program Files\AhnLab\Safe Transaction\V3Medic.exe
2026-03-11 15:12:51  WARNING  Product Protection  C:\Program Files\Git\usr\bin\rm.exe attempted to access C:\Program Files\AhnLab\Safe Transaction\WinFWMgr.dll
2026-03-11 15:15:23  WARNING  Product Protection  C:\Program Files\Git\usr\bin\rm.exe attempted to access C:\ProgramData\AhnLab\{...}\da.air

(Hundreds of similar entries showing rm.exe trying to delete AhnLab system files between 15:12-15:15)

Impact

  • 10+ project folders completely deleted (001 through 010 in C:\Users\<user>\001.C_Claude\)
  • Project folders include: To-do app, video production tools, medical app (나만의닥터), Pipe-Line, EDM project, Q-dir 8-panel project, and others
  • Only empty directory structures remain; all file contents are gone
  • Unknown extent of deletion on C:\ drive beyond the project folders
  • Files are unrecoverable because Git Bash's rm bypasses Windows Recycle Bin

Expected behavior

Claude Code should never execute rm commands that escape the project working directory. There should be:

  1. Path validation ensuring rm targets are within the project directory
  2. Sandbox restrictions preventing file operations outside the working directory
  3. Safeguards against broadly-scoped delete commands (e.g., rm -rf / or paths resolving to system directories)

Session info

  • Session ID (build session): fdff3c1a-3dfa-4dd7-8507-aabacdec79aa
  • Working directory: C:\Users\hyun-jh\001.C_Claude\010.Q dir\files\q-dir-8panel-project
  • The session file only retained 2 lines (progress/completion entries), so the exact rm command that caused this could not be recovered from logs

Additional context

  • The project folder was also synced with Google Drive (.tmp.driveupload present), which may have contributed to path resolution issues
  • The user had AhnLab antivirus running, which detected and blocked deletion of its own files but could not protect other files
  • This is a critical safety vulnerability that could affect any Windows user running Claude Code with Git Bash

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗