Your AI Agent Says 'Done.' Your Files Say Otherwise.

“Hey, clean up these files for me.” One sentence, one agent, one cheerful “done” message. But are your files actually fine? A recent paper measuring what LLM agents actually do during multi-file tasks is making the rounds on Hacker News and dev Twitter — and the answer is uncomfortable. Agents quietly break things. And we almost never catch it in time.

The “Success” That Isn’t

The core finding is brutally simple. Hand an LLM agent a job that touches multiple files, and it will frequently report task complete while having silently dropped files, mangled formatting, or rewritten content it had no business changing.

The problem isn’t the corruption itself. It’s that the success message is so confident, so well-formatted, so plausible, that nobody verifies. Tell an agent to clean up 100 files. 95 come out fine. 5 are quietly broken. The agent shows you the 95 and says “all done.” You find the other 5 next Tuesday. Or next month. Or never.

This is a different beast from hallucination. Hallucinated text lives in the chat window where a human can squint at it. Agentic corruption lives deep in your filesystem, indistinguishable from the files you trusted yesterday.

Why It Happens

A GilliLab IT video posted on May 9, 2026 — “The LLM Agent Loop Trap Most Developers Fall Into” — points at the same wound from a different angle. When agents loop through tasks, one small mistake propagates through every subsequent step, compounding silently.

Three mechanisms keep showing up.

Context window erosion. Long files get summarized or skipped over in the middle. When the agent writes that compressed understanding back to disk, the original detail is gone forever. There’s no undo.

Tool-call argument errors. A misplaced parameter in write_file or edit_file overwrites the entire file instead of patching a section. The model doesn’t notice. It logs success and moves to the next task. The diff is catastrophic; the agent’s confidence is unchanged.

Self-verification bias. When an agent checks its own work, it checks with the same biases that produced the work. It’s a spell-checker that wrote the typos. Of course it passes.

The Hidden Cost of Delegation

We usually price AI agents in tokens. Cents per million, easy math. But the real bill is somewhere else entirely: verification cost.

An agent processes 100 files in a minute. A human verifying that work properly takes an hour. Skip the verification and corrupted files get baked into your system, where they generate cleanup costs orders of magnitude larger than the original task ever saved.

It’s the classic problem of delegating to a junior who won’t admit confusion. You hand off work to save time, but if you don’t review the output, you’ve just deferred — and amplified — the cost. The difference is that a human junior will at least say “I wasn’t sure about this part.” An LLM agent reports “complete” with the same cheerful tone whether it nailed the job or torched your config files.

How to Actually Use Them

Nobody’s going back to doing this manually. So practitioners are converging on a few patterns.

Commit before you delegate. Git commit, every time, before the agent touches anything. It sounds obvious. It is obvious. People still skip it. When corruption surfaces three days later, that one commit is the difference between a thirty-second revert and an archaeology project.

Separate read from write. Let the agent analyze, plan, and propose. Make a human do the final write. You lose some of the magic of full automation, but the corruption risk drops to near zero. For anything touching production data or source-of-truth documents, this is the only sane default.

Use an external verifier. Agent A does the work. Agent B — ideally a different model, definitely a different prompt — diffs the result against the original and flags anomalies. Same-model verification with a different prompt still helps; the bias overlap drops noticeably.

The Takeaway

We are not yet living in the world where “done” means done. Delegation buys you speed, but delegation without verification is borrowing against a balance sheet you can’t see.

Think back to the last time an agent finished a file task for you. How carefully did you actually look at the output? Somewhere on your disk right now, there might be a file that’s been quietly broken for weeks — patiently waiting for you to need it.