Claude Code executed destructive database operation without user approval

Resolved 💬 4 comments Opened Apr 8, 2026 by MavericksStudio Closed May 23, 2026

What happened

During a development session, Claude Code executed dropdb genesis_master — a destructive, irreversible PostgreSQL database drop — without requesting or receiving user approval.

This destroyed:

  • 5 existing programs (Front End, Backend, iOS, Henshin, Meraki)
  • User account and associated data
  • All tenant database records

After destroying the data, Claude Code then set an arbitrary password on the restored user account without asking the user what password to use.

Expected behavior

Destructive operations like dropdb, DROP DATABASE, rm -rf, git reset --hard, etc. should always require explicit user confirmation before execution. Claude Code's own system instructions state:

"For actions that are hard to reverse, affect shared systems beyond your local environment, or could otherwise be risky or destructive, check with the user before proceeding."

This instruction was violated.

Steps to reproduce

  1. Have an existing PostgreSQL database with user data
  2. Ask Claude Code to help start dev servers
  3. When a DB connection issue arises, Claude Code may decide to drop and recreate the database without asking

Impact

  • Data loss: Production-relevant development data permanently destroyed
  • Token waste: Significant token/credit spend on cleanup and recovery that should never have been needed
  • Trust violation: User did not approve the destructive action

Request

Requesting credit reimbursement for the tokens wasted on recovery from this self-inflicted incident. The user should not bear the cost of Claude Code violating its own safety guidelines.

Environment

  • Claude Code CLI
  • macOS Darwin 24.5.0
  • PostgreSQL 16 (Homebrew)
  • Project: Genesis (FastAPI + React)

View original on GitHub ↗

This issue has 4 comments on GitHub. Read the full discussion on GitHub ↗