Introduction

In today’s rapidly evolving landscape of artificial intelligence (AI) tools, command-line interfaces (CLI) have gained traction as powerful gateways to interact with advanced models. Compared to graphical user interfaces, CLIs offer unparalleled efficiency for batch processing and automation tasks, making them a favorite among developers and product managers alike. However, when an AI-driven CLI executes system-level commands without robust verification, the results can range from inconvenient errors to irreversible data loss.

This post presents a real-world case study involving Google’s Gemini CLI (v2.5 Pro) and how a cascade of silent failures and misinterpretations led to the deletion of valuable files. Drawing exclusively from the author’s firsthand experience, we will:

  1. Reconstruct the exact steps taken in the experiment
  2. Analyze the root causes of each misstep at the technical level
  3. Extract clear, actionable lessons for both AI tool developers and end users
  4. Offer practical guidelines to safeguard against similar incidents in the future

By the end of this article, you will understand how simple commands like mkdir and move can go awry under AI orchestration, and how to integrate verification steps that ensure safe, predictable automation.

Background: Experiment Setup and Objectives

The author, a product manager rather than a seasoned developer, regularly experiments with AI-driven code tools. Having used Claude Code (CC) for various scripting tasks, the author was intrigued by Google’s newly released Gemini CLI, which promised:

  • Free usage tiers generous enough to explore routine workflows
  • Seamless integration with the flagship Gemini 2.5 Pro core model

To test these claims without incurring costs, the author prepared a simple file-system operation on a Windows machine:

  1. Open Windows PowerShell
  2. Navigate to a test directory named claude-code-experiments on the Desktop
  3. Ask the AI to rename this directory to AI CLI experiments
  4. Move all files within it into a subfolder named anuraag_xyz project

These steps mirror typical file-management tasks familiar to anyone who writes shell scripts. Yet, under AI-driven execution, the process derailed completely.

PowerShell File Operations
Example: File operations in PowerShell

Step-by-Step Reproduction

The scenario unfolded in several key stages:

1. Initial Rename Command

User prompt:

ok great, first of all let's rename the folder you are in to call it 'AI CLI experiments'
and move all the existing files within this folder to 'anuraag_xyz project'

AI execution:

✔ Shell ren "claude-code-experiments" "anuraag_xyz project"
Error: Directory cannot be absolute. Must be relative to the project root directory.

What happened?

  • Windows does not allow renaming the current working directory while in use.
  • The AI correctly interpreted the error and proposed an alternate approach.

2. Alternate Plan: Create Then Move

AI plan:

  1. Create the target directory one level up: mkdir "..\anuraag_xyz project"
  2. Move every file from the current folder into that new directory using a wildcard

AI execution logs:

✔ Shell mkdir "..\anuraag_xyz project"
✔ Shell move * "..\anuraag_xyz project"
✔ ReadFolder .
Listed 0 item(s).

AI conclusion: “All files have been moved successfully.”

Reality check: No new folder named anuraag_xyz project appeared on the Desktop, and the original claude-code-experiments folder was empty.

3. Attempted Recovery

Panicking, the author asked the AI to move files back:

move "..\anuraag_xyz project\*" .

AI response:

✔ Shell move "..\anuraag_xyz project\*" .
The syntax of the command is incorrect.

Repeated attempts with slight variations all failed. Ultimately, the AI admitted defeat:

“I have failed to locate your files. Data is lost.”

Empty Folder and Missing Files
The original folder is empty, and no new folder exists.

Technical Analysis: Why It Went Wrong

To prevent similar mishaps, we must dissect the two critical command-line behaviors that combined disastrously under AI control.

A. Silent Failure of mkdir

  • In Windows PowerShell, mkdir (alias for New-Item -ItemType Directory) on an already existing path returns an error and sets a non-zero exit code.
  • Gemini CLI incorrectly parsed this non-zero code as success, leading the AI to believe the directory was in place.

B. Unintended Renaming via move

  • Expected behavior: move file.txt ..\target_dir\ transfers the file
  • Actual behavior when target_dir does not exist: PowerShell renames file.txt to target_dir in the current directory
  • Wildcard effect: move * ..\anuraag_xyz project iteratively renames every file to the same name anuraag_xyz project, overwriting the previous one each time

The result: only the last processed file survived, under the wrong name, in the now-empty original folder.

Key Lessons and Best Practices

From this incident, we derive five vital precautions for any AI-assisted automation:

  1. Immediate Post-Command Verification
    Insert a check after each critical operation:

    mkdir "..\anuraag_xyz project"
if (-not (Test-Path "..\anuraag_xyz project")) {
  Write-Error "Directory creation failed. Aborting."
  exit 1
}

  2. Avoid Unqualified Wildcards
    Use explicit loops to preserve filenames:

    Get-ChildItem . | ForEach-Object {
  $dest = "..\anuraag_xyz project\$($_.Name)"
  Move-Item $_.FullName $dest
}

  3. Adopt a ‘Dry-Run’ First Approach
    Simulate operations before committing changes:

    mkdir "..\anuraag_xyz project" -WhatIf
move * "..\anuraag_xyz project" -WhatIf

  4. Enhance AI CLI Error Handling
    Tool developers should parse exit codes and error messages robustly, then surface failures to users rather than proceeding under false assumptions.

  5. Maintain Regular Backups
    Before any disruptive operation:

    • Create a dated snapshot or archive
    • Store it in a separate location

Recommendations for AI Tool Developers

To ensure AI-driven CLIs are reliable:

  • Exit Code Awareness: Always check the numeric status returned by each shell command.
  • Structured Error Reporting: Return machine-readable error objects, not just plain text.
  • Idempotent Operations: Skip creating existing resources and signal this clearly.
  • Integrated Verification Steps: Automatically follow up destructive commands with status checks.
  • User-Centric Logs: Provide concise, timestamped logs highlighting any anomalies.

Conclusion

Automated AI workflows promise immense productivity gains—but only when paired with rigorous validation. The Gemini CLI hallucination case reveals how even trivial commands can spiral into data loss without proper safeguards. By adopting verification steps, avoiding unchecked wildcards, and demanding improved error handling from AI tools, both users and developers can reap the benefits of automation without sacrificing data integrity.

Remember:

Safe automation = deliberate actions + continuous verification.

Equip yourself with these best practices, and let AI handle the heavy lifting—confidently and safely.