TL;DR: A bug in OpenAI Codex CLI was silently writing 640 TB/year to developer SSDs through an out-of-control SQLite logger. OpenAI merged fixes on June 22, 2026, but the incident reveals a governance gap most teams have not addressed. Acceptable-use policies typically cover data privacy and IP risk. They rarely cover infrastructure damage, cloud cost overruns, or hardware wear from agentic AI tools running autonomously on company endpoints.
What happened with OpenAI Codex
On June 22, 2026, developers began reporting that OpenAI Codex CLI was destroying their SSDs. The culprit: a SQLite log file hidden at ~/.codex/logs_2.sqlite that was recording every network event in TRACE mode, including the most granular telemetry, and writing it to local disk continuously.
One developer tracked 37 TB of writes after 21 days of uptime. Extrapolated linearly, that is roughly 640 TB per year. A typical consumer SSD has a rated write endurance of 300 to 600 TB total over its lifetime (the TBW figure in the spec sheet). A developer using Codex CLI normally could wear out their drive in under 12 months without knowing anything was wrong.
OpenAI closed the bug report and merged two fixes on June 22 that eliminate roughly 85% of the excessive writes. A Linux/macOS workaround exists: symlinking ~/.codex/logs_2.sqlite to /tmp/ redirects the writes there. That only spares the SSD where /tmp is RAM-backed (tmpfs, which some Linux distributions mount by default and macOS does not); on a disk-backed /tmp it merely moves the wear to another directory, and in both cases the log is lost on reboot. Windows users need the patch.
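Before trusting a workaround, a practitioner wants to measure what a tool actually writes. On Linux, /proc/&lt;pid&gt;/io exposes per-process counters; write_bytes is the one that matters for wear because it counts what the process pushed to the storage layer, not just bytes handed to write(). The following is an added example, not code from the original post or from the Codex CLI project: it parses two snapshots of that file taken an hour apart (constructed here to match the reported incident rate), projects the daily and yearly volume, and compares it with a policy limit. The snapshot values, the one-hour interval and the 50 GB/day limit are assumptions for the example; on macOS, fs_usage -w -f filesys &lt;pid&gt; shows the same activity but in a different format that this parser does not handle.

```python
import re

# Two constructed snapshots of /proc/<pid>/io for one process, taken 3600 s apart.
# The numbers are invented to resemble the reported rate (about 37 TB per 21 days);
# they are not a capture from a real machine. Reading another user's PID needs root.
SNAPSHOT_T0 = """\
rchar: 1048576
wchar: 73400320
syscr: 4096
syscw: 2048
read_bytes: 524288
write_bytes: 2199023255552
cancelled_write_bytes: 0
"""

SNAPSHOT_T1 = """\
rchar: 2097152
wchar: 146800640
syscr: 8192
syscw: 4096
read_bytes: 524288
write_bytes: 2272423255552
cancelled_write_bytes: 0
"""

ELAPSED_SEC = 3600  # assumed interval between the two snapshots


def parse_proc_io(text):
    """Turn the 'key: value' lines of /proc/<pid>/io into a dict of ints."""
    return {key: int(val) for key, val in re.findall(r"^(\w+):\s+(\d+)$", text, re.M)}


def write_rate_bytes_per_sec(snap_before, snap_after, elapsed_sec):
    """Average bytes/s sent to the storage layer between two snapshots.

    write_bytes is cumulative for the life of the process, so a negative delta
    means the PID was reused by a different process and the sample is invalid.
    """
    delta = parse_proc_io(snap_after)["write_bytes"] - parse_proc_io(snap_before)["write_bytes"]
    if delta < 0:
        raise ValueError("write_bytes went backwards; PID probably restarted")
    return delta / elapsed_sec


def projected_gb_per_day(rate_bytes_per_sec):
    return rate_bytes_per_sec * 86400 / 1e9


def projected_tb_per_year(rate_bytes_per_sec):
    # Linear extrapolation, the same arithmetic as 37 TB / 21 days -> ~643 TB/year.
    return rate_bytes_per_sec * 86400 * 365 / 1e12


def exceeds_daily_limit(rate_bytes_per_sec, limit_gb_per_day):
    """True when the projected daily volume is above the AUP's [X] GB/day limit."""
    return projected_gb_per_day(rate_bytes_per_sec) > limit_gb_per_day


if __name__ == "__main__":
    rate = write_rate_bytes_per_sec(SNAPSHOT_T0, SNAPSHOT_T1, ELAPSED_SEC)
    print(f"{projected_gb_per_day(rate):.0f} GB/day, {projected_tb_per_year(rate):.0f} TB/year")
    print("over 50 GB/day limit:", exceeds_daily_limit(rate, 50))
```

The delta, not the absolute counter, is the signal: a long-running agent accumulates a large write_bytes value legitimately, so one snapshot tells you nothing about rate.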
The bug was fixed. But the governance question it raised has not been.
Why this is a governance gap most AUPs miss
Most acceptable-use policies for AI tools address three categories of risk:
- Data privacy: what data can and cannot be sent to external AI systems
- IP and confidentiality: protecting source code, trade secrets, and client data
- Output quality and accuracy: who is responsible for AI-generated work product
What they almost never address: infrastructure impact. When AI tools run on company hardware, they can consume storage, memory, compute, and network resources in ways that damage assets or generate unexpected costs. The Codex SSD bug is the clearest recent example, but it is not the only one.
The Codex incident is a preview of what agentic AI tools (tools that run autonomously, take actions, and persist state locally) will increasingly do to company endpoints that have no governance guardrails around resource consumption.
Three categories of infrastructure risk from AI coding tools
1. Storage wear from logging and caching
Agentic AI coding tools maintain local state. Codex CLI logs interactions. Cursor and Windsurf cache model context and conversation history. GitHub Copilot Workspace tracks file diffs. When these systems write aggressively to disk, whether by design or by bug, SSD endurance is consumed on a timeline no hardware refresh cycle accounts for.
The risk is not only catastrophic failure. Incremental wear shortens drive life, increases the probability of data loss in year 3 or 4, and can void manufacturer warranties if write totals exceed rated endurance.
Policy gap: most AUPs say nothing about AI tool storage behavior on company endpoints.
2. Compute and cloud cost overruns from overnight runs
Agentic tools are designed to run unattended. A developer kicks off a Codex task at 5pm, leaves, and the agent runs for eight hours against the API, generating tokens and incurring costs against a company-issued API key. At scale, unmonitored overnight runs create billing surprises that do not show up until the monthly invoice.
The same applies to local compute. Tools that run local models (Cursor with local Ollama, Copilot with local inference) can saturate CPU and GPU for hours, affecting battery life on laptops and generating heat in ways that accelerate hardware aging.
Policy gap: most AUPs do not set consumption limits or require overnight run approval.
3. Network and bandwidth from model downloads
AI coding tools pull large model files. Cursor downloads multi-gigabyte context models. GitHub Copilot extension updates ship model weights. On-premises deployments of code assistance tools can generate sustained high-bandwidth traffic that saturates shared office networks or corporate VPN capacity.
On metered connections or in locations with bandwidth caps, this creates real cost exposure. On corporate networks monitored by IT security, unexpected large downloads can trigger alerts or throttling that affects other employees.
Policy gap: most AUPs do not distinguish between standard SaaS usage and the sustained infrastructure load of locally-running AI tools.
What your AUP needs to add: 6 specific clauses
1. Approved endpoint requirement: AI coding tools that run locally (CLI tools, locally-installed agents) may only be installed on IT-approved endpoints with current asset management software. Unapproved personal devices are excluded.
2. Storage consumption limit: AI tools installed on company endpoints must not generate more than [X] GB of local writes per day. Employees who observe unexpected disk activity from an AI tool must report it to IT within 24 hours.
3. Overnight and unattended run approval: running AI agents or automation scripts unattended for more than [2/4/8] hours requires written approval from a manager and notification to IT. API keys used for unattended runs must be scoped to cost limits.
4. API cost accountability: employees using company-issued API keys are responsible for the costs generated. Keys must be rotated every [30/90] days. Usage must be reviewed monthly. Unusual spikes must be reported.
5. Model download and network use: downloading AI model weights to company devices or networks requires IT approval for files exceeding [1 GB]. Tools that pull model updates automatically must be configured to do so during off-peak hours or through approved channels.
6. Hardware damage accountability: employees who knowingly run AI tools that exceed manufacturer-rated storage endurance limits, or who ignore IT guidance on mitigating known tool bugs (such as the Codex SSD logging issue), may be held responsible for hardware replacement costs under the company's asset protection policy.
How to audit which AI coding tools are in use
The Codex incident affected developers who installed the tool for legitimate productivity reasons. Most of them had no idea it was damaging their hardware. The same pattern applies to your organization: engineers are using AI coding tools that IT does not know about, on endpoints that are not monitored for this risk.
Audit steps:
- Endpoint software inventory: run an inventory scan for Codex CLI, Cursor, Windsurf, GitHub Copilot, Tabnine, Amazon Q Developer, and other AI coding tools. Most MDM platforms can report installed applications.
- Expense report review: scan the past six months of expense reports and corporate card transactions for AI subscriptions (openai.com, cursor.sh, anysphere, github.com/features/copilot).
- Engineering manager survey: ask engineering team leads to list which AI coding tools their teams use. Self-reporting catches tools installed via personal accounts that do not appear in corporate billing.
- Network log review: look for outbound traffic to known AI tool endpoints: api.openai.com, api.cursor.sh, copilot.githubusercontent.com. Because the traffic is TLS, the hostname comes from DNS, SNI or proxy logs and the content is not visible; volume and timing are the signal. Sustained high-volume traffic to these endpoints during off-hours may indicate unattended agent runs.
- Disk write monitoring: on endpoints where AI tools are known to be installed, read the drive's host-writes counter (SMART attribute 241 Total_LBAs_Written on SATA drives, Data Units Written on NVMe, both shown by smartctl) and compare it with the manufacturer's TBW rating. Any device showing write totals above 50% of rated endurance should be flagged for replacement planning.
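The network log review step above is the kind of check that is easy to describe and easy to get wrong in practice, so here is an added example of the detection logic, not code from the original post or from any vendor's log tooling. It aggregates traffic to the article's three endpoints per user and destination, keeps only events in an assumed off-hours window (20:00 to 06:00), and flags pairs that cross assumed volume and event-count thresholds. The JSON-lines record shape (ts, user, dst, bytes_out, bytes_in) is a constructed generic proxy-log layout, not a specific product's schema, and the sample lines are invented.

```python
import json
from collections import defaultdict
from datetime import datetime, time

# Destinations named in the audit step; extend with your own tools' hosts.
AI_ENDPOINTS = {"api.openai.com", "api.cursor.sh", "copilot.githubusercontent.com"}

# Assumed definition of "off-hours": 20:00 through 05:59 local time.
OFF_HOURS_START = time(20, 0)
OFF_HOURS_END = time(6, 0)

# Constructed sample proxy log in JSON-lines form. Field names and values are
# invented for the example; map your real proxy or firewall export onto them.
SAMPLE_LOG = """\
{"ts": "2026-06-23T09:12:05", "user": "alice", "dst": "api.openai.com", "bytes_out": 20480, "bytes_in": 81920}
{"ts": "2026-06-23T22:15:41", "user": "alice", "dst": "api.openai.com", "bytes_out": 5242880, "bytes_in": 20971520}
{"ts": "2026-06-24T02:40:09", "user": "alice", "dst": "api.openai.com", "bytes_out": 7340032, "bytes_in": 31457280}
{"ts": "2026-06-23T23:05:00", "user": "bob", "dst": "www.example.com", "bytes_out": 9000000, "bytes_in": 1000}
{"ts": "2026-06-23T21:30:00", "user": "carol", "dst": "copilot.githubusercontent.com", "bytes_out": 4096, "bytes_in": 16384}
"""


def is_off_hours(ts):
    """Window wraps past midnight, so it is an OR of the two edges, not a range check."""
    t = ts.time()
    return t >= OFF_HOURS_START or t < OFF_HOURS_END


def off_hours_ai_traffic(log_text):
    """Sum off-hours bytes and event counts per (user, destination) for AI endpoints."""
    totals = defaultdict(lambda: {"bytes": 0, "events": 0, "first": None, "last": None})
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec["dst"] not in AI_ENDPOINTS:
            continue
        ts = datetime.fromisoformat(rec["ts"])
        if not is_off_hours(ts):
            continue
        agg = totals[(rec["user"], rec["dst"])]
        agg["bytes"] += rec["bytes_out"] + rec["bytes_in"]
        agg["events"] += 1
        agg["first"] = ts if agg["first"] is None else min(agg["first"], ts)
        agg["last"] = ts if agg["last"] is None else max(agg["last"], ts)
    return dict(totals)


def flag_unattended_runs(log_text, min_bytes=10 * 2**20, min_events=2):
    """(user, dst) pairs whose off-hours volume and event count exceed the thresholds.

    Both thresholds are assumptions; a single large download at 21:00 is not an
    unattended run, which is why an event-count floor accompanies the byte floor.
    """
    return sorted(
        key for key, agg in off_hours_ai_traffic(log_text).items()
        if agg["bytes"] >= min_bytes and agg["events"] >= min_events
    )


if __name__ == "__main__":
    for user, dst in flag_unattended_runs(SAMPLE_LOG):
        agg = off_hours_ai_traffic(SAMPLE_LOG)[(user, dst)]
        print(f"{user} -> {dst}: {agg['bytes']} bytes over {agg['events']} events, "
              f"{agg['first']} to {agg['last']}")
```

In the constructed sample only alice is flagged: her daytime session is excluded by the window, bob's large transfer goes to a non-AI host, and carol's single small Copilot request does not meet the event floor. Tune the window and thresholds to your own baseline before treating a hit as a policy violation.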
Practical checklist: 8 items for IT and compliance teams
1. Identify all AI coding tools installed on company endpoints (MDM inventory scan)
2. Update Codex CLI to the post-June 22 version or apply the symlink workaround for affected systems
3. Check SSD write totals on developer machines where Codex was used before the fix
4. Add infrastructure risk clauses to your acceptable-use policy (six clauses above)
5. Set per-user API cost limits on company-issued OpenAI and Anthropic keys
6. Configure overnight run approval in your AI governance process
7. Add AI coding tool storage and compute behavior to your next security awareness training
8. Review your hardware refresh budget; if Codex ran for months pre-fix, some SSDs may need early replacement
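Checklist item 3 and the disk write monitoring audit step both come down to reading a drive's host-writes counter and comparing it with the vendor's TBW rating. The following is an added example, not code from the original post or from smartmontools: it parses the two counter formats an administrator sees in smartctl output (SATA attribute 241 Total_LBAs_Written from smartctl -A, and the NVMe Data Units Written line from smartctl -a), converts both to bytes, reports the percentage of rated endurance, applies the 50% replacement flag from the audit step, and, given a measured daily write rate, estimates days until the rating is exhausted. The sample outputs, the 600 TBW rating and the 512-byte logical sector size are assumptions for the example; confirm the sector size with smartctl -i on a real drive.

```python
import re

LBA_BYTES = 512            # assumed logical sector size for Total_LBAs_Written; check `smartctl -i`
NVME_UNIT_BYTES = 512_000  # NVMe spec: one Data Unit is 1000 logical blocks of 512 bytes
TB = 10**12                # vendors rate TBW in decimal terabytes

# Constructed samples shaped like `smartctl -A /dev/sda` (SATA, attribute 241) and
# `smartctl -a /dev/nvme0` (NVMe). The numbers are invented for the example.
SATA_SAMPLE = """\
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  5 Reallocated_Sector_Ct   0x0033   100   100   010    Pre-fail  Always       -       0
241 Total_LBAs_Written      0x0032   099   099   000    Old_age   Always       -       781250000000
"""

NVME_SAMPLE = """\
Model Number:                       Example NVMe 1TB
Data Units Read:                    12,345,678 [6.32 TB]
Data Units Written:                 703,125,000 [360 TB]
Percentage Used:                    61%
"""


def bytes_written(smart_text):
    """Host bytes written according to SMART, from either SATA or NVMe smartctl output."""
    for line in smart_text.splitlines():
        fields = line.split()
        # SATA attribute table: the raw value is the last column of the 241 row.
        if len(fields) >= 10 and fields[0] == "241" and fields[1] == "Total_LBAs_Written":
            return int(fields[-1]) * LBA_BYTES
    # NVMe health log: the count before the bracketed human-readable size.
    m = re.search(r"^Data Units Written:\s*([\d,]+)", smart_text, re.M)
    if m:
        return int(m.group(1).replace(",", "")) * NVME_UNIT_BYTES
    raise ValueError("no host-writes counter found in SMART output")


def endurance_report(smart_text, rated_tbw, tb_per_day=None):
    """Compare writes with the TBW rating; flag above 50% as the audit step suggests.

    tb_per_day is an optional measured rate (for the reported incident,
    37 TB / 21 days) used to estimate days until the rating is used up.
    """
    written = bytes_written(smart_text)
    pct = 100.0 * written / (rated_tbw * TB)
    report = {
        "written_tb": written / TB,
        "percent_of_tbw": pct,
        "flag_for_replacement": pct > 50.0,
    }
    if tb_per_day:
        remaining_tb = max(rated_tbw - written / TB, 0.0)
        report["days_to_exhaustion"] = remaining_tb / tb_per_day
    return report


if __name__ == "__main__":
    print("SATA:", endurance_report(SATA_SAMPLE, rated_tbw=600))
    print("NVMe:", endurance_report(NVME_SAMPLE, rated_tbw=600, tb_per_day=37 / 21))
```

On NVMe drives the Percentage Used line is the vendor's own wear estimate and can exceed 100; it is worth recording alongside the computed percentage, since the two can disagree when the controller's endurance model differs from the TBW figure in the datasheet.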
The broader lesson
The Codex SSD bug is not a one-off. It is a preview of the infrastructure governance questions that agentic AI tools will keep generating. Tools that run autonomously, maintain local state, call external APIs, and take actions on files introduce risks that did not exist when AI meant a web-based chat interface.
Acceptable-use policies written in 2023 or 2024 are almost certainly incomplete. They were written for tools you query, not tools that run. Updating them to address infrastructure risk is now a maintenance task, not a future consideration.
The Codex fix is available. The policy update is on you.
