Introduction
In today’s rapidly evolving landscape of artificial intelligence (AI) tools, command-line interfaces (CLI) have gained traction as powerful gateways to interact with advanced models. Compared to graphical user interfaces, CLIs offer unparalleled efficiency for batch processing and automation tasks, making them a favorite among developers and product managers alike. However, when an AI-driven CLI executes system-level commands without robust verification, the results can range from inconvenient errors to irreversible data loss.
This post presents a real-world case study involving Google's Gemini CLI, powered by the Gemini 2.5 Pro model, and how a cascade of silent failures and misinterpretations led to the deletion of valuable files. Drawing exclusively from the author's firsthand experience, we will:
- Reconstruct the exact steps taken in the experiment
- Analyze the root causes of each misstep at the technical level
- Extract clear, actionable lessons for both AI tool developers and end users
- Offer practical guidelines to safeguard against similar incidents in the future
By the end of this article, you will understand how simple commands like `mkdir` and `move` can go awry under AI orchestration, and how to integrate verification steps that ensure safe, predictable automation.
Background: Experiment Setup and Objectives
The author, a product manager rather than a seasoned developer, regularly experiments with AI-driven code tools. Having used Claude Code (CC) for various scripting tasks, the author was intrigued by Google’s newly released Gemini CLI, which promised:
- Free usage tiers generous enough to explore routine workflows
- Seamless integration with the flagship Gemini 2.5 Pro core model
To test these claims without incurring costs, the author prepared a simple file-system operation on a Windows machine:
- Open Windows PowerShell
- Navigate to a test directory named `claude-code-experiments` on the Desktop
- Ask the AI to rename this directory to `AI CLI experiments`
- Move all files within it into a subfolder named `anuraag_xyz project`
These steps mirror typical file-management tasks familiar to anyone who writes shell scripts. Yet, under AI-driven execution, the process derailed completely.
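Before walking through what went wrong, it helps to pin down what a correct version of the task looks like. The following Python sketch (platform-neutral, using the folder names from the scenario above) performs the same rename-then-move sequence, failing loudly at each step rather than continuing blindly:

```python
from pathlib import Path

def reorganize(desktop: Path) -> Path:
    """Rename the experiment folder, then move its files into a subfolder."""
    renamed = desktop / "AI CLI experiments"
    (desktop / "claude-code-experiments").rename(renamed)
    target = renamed / "anuraag_xyz project"
    target.mkdir()  # raises if it already exists; no silent "success"
    for item in list(renamed.iterdir()):  # snapshot before moving
        if item.is_file():
            item.rename(target / item.name)  # keep each original filename
    return target
```

Every operation here either succeeds or raises an exception, which is exactly the property the AI-driven run lacked.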
Step-by-Step Reproduction
The scenario unfolded in several key stages:
1. Initial Rename Command
User prompt:

```
ok great, first of all let's rename the folder you are in to call it 'AI CLI experiments'
and move all the existing files within this folder to 'anuraag_xyz project'
```

AI execution:

```
✔ Shell ren "claude-code-experiments" "anuraag_xyz project"
Error: Directory cannot be absolute. Must be relative to the project root directory.
```
What happened?
- Windows does not allow renaming the current working directory while it is in use.
- The AI correctly interpreted the error and proposed an alternate approach.
2. Alternate Plan: Create Then Move
AI plan:
- Create the target directory one level up: `mkdir "..\anuraag_xyz project"`
- Move every file from the current folder into that new directory using a wildcard
AI execution logs:

```
✔ Shell mkdir "..\anuraag_xyz project"
✔ Shell move * "..\anuraag_xyz project"
✔ ReadFolder .
Listed 0 item(s).
```
AI conclusion: “All files have been moved successfully.”
Reality check: No new folder named `anuraag_xyz project` appeared on the Desktop, and the original `claude-code-experiments` folder was empty.
3. Attempted Recovery
Panicking, the author asked the AI to move the files back:

```
move "..\anuraag_xyz project\*" .
```

AI response:

```
✔ Shell move "..\anuraag_xyz project\*" .
The syntax of the command is incorrect.
```
Repeated attempts with slight variations all failed. Ultimately, the AI admitted defeat:
“I have failed to locate your files. Data is lost.”
The original folder is empty, and no new folder exists.
Technical Analysis: Why It Went Wrong
To prevent similar mishaps, we must dissect the two critical command-line behaviors that combined disastrously under AI control.
A. Silent Failure of mkdir
- In Windows PowerShell, `mkdir` (an alias for `New-Item -ItemType Directory`) returns an error and sets a non-zero exit code when the path already exists.
- Gemini CLI incorrectly parsed this non-zero exit code as success, leading the AI to believe the directory was in place.
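An orchestrator that honored exit codes would have stopped at this point. The sketch below is an illustrative command wrapper, not Gemini CLI's actual internals, written in Python so the check is explicit: any non-zero status raises instead of being swallowed.

```python
import subprocess

def run_checked(cmd: list[str]) -> str:
    """Run a command; raise on a non-zero exit code instead of assuming success."""
    result = subprocess.run(cmd, capture_output=True, text=True)
    if result.returncode != 0:
        # Surface the failure to the caller rather than proceeding blindly
        raise RuntimeError(
            f"{' '.join(cmd)} exited with code {result.returncode}: "
            f"{result.stderr.strip()}"
        )
    return result.stdout
```

Had the `mkdir` call gone through a wrapper like this, the failed directory creation would have aborted the workflow before the destructive `move` ever ran.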
B. Unintended Renaming via move
- Expected behavior: `move file.txt ..\target_dir\` transfers the file into `target_dir`.
- Actual behavior when `target_dir` does not exist: `move` treats the destination as a file name and renames `file.txt` to a file called `target_dir` in the parent directory.
- Wildcard effect: `move * "..\anuraag_xyz project"` renames every file in turn to that same destination name, each one overwriting the previous file.
The result: only the last processed file survived, renamed to `anuraag_xyz project` in the parent directory, while the original folder was left empty.
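This overwrite cascade is easy to reproduce without touching a real shell. The following Python simulation mirrors the described `move` semantics: because the destination directory does not exist, the destination is treated as a single file name, so each "moved" file clobbers the previous one.

```python
from pathlib import Path

def simulate_bad_move(folder: Path, dest_name: str) -> Path:
    """Mimic `move *` when the destination directory does not exist:
    each file is renamed to dest_name in the parent, clobbering the last."""
    dest = folder.parent / dest_name          # a file path, NOT a directory
    for item in sorted(folder.iterdir()):
        dest.write_bytes(item.read_bytes())   # overwrite whatever is already there
        item.unlink()                         # the source file is gone
    return dest
```

Running this against a folder of test files leaves the folder empty and a single surviving file holding only the contents of the last one processed, matching the incident exactly.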
Key Lessons and Best Practices
From this incident, we derive five vital precautions for any AI-assisted automation:
- Immediate Post-Command Verification
  Insert a check after each critical operation:

  ```powershell
  mkdir "..\anuraag_xyz project"
  if (-not (Test-Path "..\anuraag_xyz project")) {
      Write-Error "Directory creation failed. Aborting."
      exit 1
  }
  ```
- Avoid Unqualified Wildcards
  Use explicit loops to preserve filenames:

  ```powershell
  Get-ChildItem . | ForEach-Object {
      $dest = "..\anuraag_xyz project\$($_.Name)"
      Move-Item $_.FullName $dest
  }
  ```
- Adopt a 'Dry-Run' First Approach
  Simulate operations before committing changes:

  ```powershell
  mkdir "..\anuraag_xyz project" -WhatIf
  move * "..\anuraag_xyz project" -WhatIf
  ```
- Enhance AI CLI Error Handling
  Tool developers should parse exit codes and error messages robustly, then surface failures to users rather than proceeding under false assumptions.
- Maintain Regular Backups
  Before any disruptive operation:
  - Create a dated snapshot or archive
  - Store it in a separate location
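The first two precautions can be combined into a single routine. Below is a minimal Python sketch (the function name and error handling are illustrative, not a prescribed API) that preserves filenames and verifies both the destination and each individual move before continuing:

```python
from pathlib import Path
import shutil

def safe_move_all(src: Path, dst: Path) -> None:
    """Move every file from src into dst, verifying each step before continuing."""
    dst.mkdir(parents=True, exist_ok=True)
    if not dst.is_dir():
        raise RuntimeError(f"Destination {dst} was not created; aborting.")
    for item in [p for p in src.iterdir() if p.is_file()]:
        target = dst / item.name                 # keep the original filename
        shutil.move(str(item), str(target))
        if not target.exists():                  # verify immediately after each move
            raise RuntimeError(f"Verification failed for {item.name}; aborting.")
```

Because the destination is checked before any file moves and every move is confirmed afterward, a missing directory stops the process at step one instead of after the data is gone.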
Recommendations for AI Tool Developers
To ensure AI-driven CLIs are reliable:
- Exit Code Awareness: Always check the numeric status returned by each shell command.
- Structured Error Reporting: Return machine-readable error objects, not just plain text.
- Idempotent Operations: Skip creating existing resources and signal this clearly.
- Integrated Verification Steps: Automatically follow up destructive commands with status checks.
- User-Centric Logs: Provide concise, timestamped logs highlighting any anomalies.
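The first two recommendations lend themselves to a small, structured result type. The sketch below is purely illustrative of the pattern, not Gemini CLI's actual implementation: every command returns an inspectable object, so "success" is a property the caller must check rather than an assumption.

```python
import subprocess
from dataclasses import dataclass

@dataclass
class CommandResult:
    """Machine-readable outcome of a shell command, suitable for logging."""
    command: list[str]
    exit_code: int
    stdout: str
    stderr: str

    @property
    def ok(self) -> bool:
        return self.exit_code == 0

def run(cmd: list[str]) -> CommandResult:
    """Execute a command and return a structured, inspectable result."""
    proc = subprocess.run(cmd, capture_output=True, text=True)
    return CommandResult(cmd, proc.returncode, proc.stdout, proc.stderr)
```

A tool built on this shape cannot silently conflate failure with success: the exit code travels with the output, and anomalies can be logged or surfaced to the user verbatim.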
Conclusion
Automated AI workflows promise immense productivity gains—but only when paired with rigorous validation. The Gemini CLI hallucination case reveals how even trivial commands can spiral into data loss without proper safeguards. By adopting verification steps, avoiding unchecked wildcards, and demanding improved error handling from AI tools, both users and developers can reap the benefits of automation without sacrificing data integrity.
Remember:
Safe automation = deliberate actions + continuous verification.
Equip yourself with these best practices, and let AI handle the heavy lifting—confidently and safely.