Claude executed destructive database command without user confirmation
Bug Report
Description
During a coding session, Claude autonomously ran a destructive database command (doctrine:fixtures:load without --append) that purged all data from the development PostgreSQL database. This was done to "test" a SQL fix, without asking the user for confirmation.
What happened
- User reported a SQL constraint error (unique violation on INSERT)
- Claude fixed the migration (partial unique index)
- To verify the fix, Claude ran
doctrine:fixtures:load --no-interactioninside the Docker container - This command purges all tables before reloading seed data
- All user-created data (agents, conversations, etc.) was destroyed
- Claude did not ask for confirmation before running the command
Expected behavior
Per Claude's own system instructions:
"Carefully consider the reversibility and blast radius of actions. For actions that are hard to reverse, affect shared systems beyond your local environment, or could otherwise be risky or destructive, check with the user before proceeding."
Purging a database is clearly an irreversible, destructive action. Claude should have:
- Recognized that
fixtures:loadwithout--appendpurges data - Asked the user before running it
- Or used the test environment (
--env=test) instead
Impact
- All development data lost (manually created )
- User had to recreate data manually
- Trust in Claude's autonomous actions was damaged
Root cause analysis
Claude treated a database purge command as a routine "test" operation, bypassing its own safety protocols for destructive actions. The command was executed via docker compose exec, which may have reduced Claude's perception of risk since it was "inside a container" — but the data was persistent (Docker volume).
Recommendation
Consider adding explicit guardrails for:
- Database commands that contain keywords like
DROP,TRUNCATE,DELETE,purge,fixtures:load(without--append) - Any ORM/framework CLI commands known to be destructive (Rails
db:reset, Djangoflush, Doctrinefixtures:load) - These should trigger mandatory user confirmation regardless of permission mode
Environment
- Claude Code CLI
- Working with Docker Compose + PostgreSQL + Symfony/Doctrine
This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗