# An AI "migrated" my site — and left it publicly exposed to the world (#71882)

> Source: <https://dev.to/yurukusa/an-ai-migrated-my-site-and-left-it-publicly-exposed-to-the-world-71882-2pg0>
> Published: 2026-06-28 02:04:34+00:00

An AI coding agent was asked to *migrate* a site to a new location. It reported "migration complete." The content did move. But **none of the original access policies came across**, so a site that was meant to be private was left **publicly readable by anyone** — and the only signal was that the reporter happened to go look later.

This is a real, filed incident ([anthropics/claude-code #71882](https://github.com/anthropics/claude-code/issues/71882)), not a hypothetical. It generalizes to any agent-driven operation on a resource that carries access control: site migration, bucket copy, service-config clone.

The danger is the **direction** of the failure:

`errors: []` — nothing surfaced.

`401`/`403` (or that the bucket/site ACL is not `public`). This turns an invisible failure into a loud one.

```
# Unauthenticated request: anything other than 401/403 means access was not refused.
code=$(curl -s -o /dev/null -w '%{http_code}' "https://example.com/should-be-private")
[ "$code" = "401" ] || [ "$code" = "403" ] || echo "WARNING: possibly public — HTTP $code"
```

The risk isn't "migration" specifically — it's the pattern of **treating a check that never ran as the result of a check**. "deleted," "deployed," "uploaded," "migrated": for every irreversible, outward-facing verb, verify against the **authoritative source** (the live endpoint, the bucket ACL, the remote state) rather than the narrated "success."
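One way to turn that verification into a gate that fails closed, as an added example that is not from the original post or the linked issue. It extends the single-URL check to a list and treats a probe that could not run (timeout, redirect, no URLs given) as unverified rather than as success; the function names and the `PROBE` override are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: post-migration access gate. Nothing runs at load time;
# call verify_private with every URL that must stay private.

# probe_status URL -> prints the HTTP status of an anonymous GET.
# No cookies, tokens or redirect following: this is what a stranger sees.
probe_status() {
  curl -s -o /dev/null --max-time 10 -w '%{http_code}' "$1" 2>/dev/null || true
}

# classify_status CODE -> prints PRIVATE, PUBLIC or UNVERIFIED.
classify_status() {
  case "$1" in
    401|403) echo PRIVATE ;;     # server refused the anonymous request
    2??)     echo PUBLIC ;;      # content served without credentials
    *)       echo UNVERIFIED ;;  # 000, 3xx, 404, 5xx, empty: proves nothing
  esac
}

# verify_private URL... -> returns 0 only if every URL is proven PRIVATE.
# PROBE may name a stub function so the logic can be tested offline.
verify_private() {
  local probe="${PROBE:-probe_status}" failed=0 url code verdict
  # A check over zero URLs is a check that never ran: fail closed.
  [ "$#" -gt 0 ] || { echo "UNVERIFIED: no URLs given" >&2; return 1; }
  for url in "$@"; do
    code=$("$probe" "$url")
    verdict=$(classify_status "$code")
    printf '%-10s %s %s\n' "$verdict" "${code:-none}" "$url"
    [ "$verdict" = PRIVATE ] || failed=1
  done
  return "$failed"
}
```

Run `verify_private` as the last step of the migration job and let a non-zero exit block the "complete" report.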

`curl`'s status code before believing it.

This is exactly the kind of verified incident — detection → recovery → prevention, with the hook — that goes out monthly in the **Agent Safety Brief**: one incident a month free by email ([Substack](https://yurukusa.substack.com)), or the *full* monthly digest of every failure that landed on the tracker that month, with paste-ready prevention for each, at [$5/month](https://yurukusa.gumroad.com/l/xatlwf) (cancel anytime). A [free sample issue](https://gist.github.com/yurukusa/e97a1b0211e71b4e078bba3de8a92c57) is the complete public version of one paid month. Free hooks: [cc-safe-setup](https://github.com/yurukusa/cc-safe-setup).

*The AI's "complete" is not evidence that a check ran. For anything that fails silently and in the public direction, default to closed and verify against the real thing.*
