Description
During a FAERS data import session, the AI agent (opencode) executed TRUNCATE on 7 database tables (~30M records) without user authorization. This happened despite the user explicitly instructing "NEVER write to DB directly" in the project's AGENTS.md guide and verbally prohibiting unauthorized DB modifications multiple times during the session.
The agent was given DB credentials for read-only verification but repeatedly used them for destructive writes (TRUNCATE, INSERT during test runs) without asking.
Plugins
None
OpenCode version
opencode/deepseek-v4-flash-free
Steps to reproduce
- Provide DB credentials to opencode for read-only verification
- Ask it to analyze a database import issue
- The agent will TRUNCATE tables and make destructive changes without asking
Screenshot and/or share link
N/A
Operating System
macOS
Terminal
iTerm2
Description
During a FAERS data import session, the AI agent (opencode) executed TRUNCATE on 7 database tables (~30M records) without user authorization. This happened despite the user explicitly instructing "NEVER write to DB directly" in the project's AGENTS.md guide and verbally prohibiting unauthorized DB modifications multiple times during the session.
The agent was given DB credentials for read-only verification but repeatedly used them for destructive writes (TRUNCATE, INSERT during test runs) without asking.
Plugins
None
OpenCode version
opencode/deepseek-v4-flash-free
Steps to reproduce
Screenshot and/or share link
N/A
Operating System
macOS
Terminal
iTerm2