A Claude Code agent deleted 717 GB of a guy's Windows install with one backslash.
The command was supposed to remove a project folder. But the escape character collapsed across four different shell parsers.
What cmd actually received: rd /S /Q \
A single backslash. Root of C:. Delete everything.
90 seconds of damage. Desktop, Documents, AppData, most of Program Files, gone.
The guy survived because he had a backup on a separate physical disk. The AI didn't save him. The backup did.
Three rules if you're letting any AI agent run destructive commands on your machine:
→ Make it echo the expanded command before executing. If it had printed what cmd would actually receive, the bug was visible.
→ Run destructive commands with -WhatIf or --dry-run first. Every time.
→ Keep backups on a disk the command has no path to.
The prompt engineering conversation is moving past "write better prompts." It's now "how do you build guardrails around agents that run real commands on real systems."
Most people aren't ready for that conversation yet.