You should know that you are supposed to open the CLI (Claude Code, Gemini, ...) in your project directory and only use it to modify files within your project directory. This is meant to protect from problems like this.
Your "straightforward instruction": "ok great, first of all let's rename the folder you are in to call it 'AI CLI experiments' and move all the existing files within this folder to 'anuraag_xyz project'" clearly violates this intended barrier.
However, it does seem that Gemini pays less attention to security than Claude Code. For example, Gemini will happily open in my root directory. Claude Code will always prompt "Do you trust this directory? ..." when opening a new folder.
Your "straightforward instruction": "ok great, first of all let's rename the folder you are in to call it 'AI CLI experiments' and move all the existing files within this folder to 'anuraag_xyz project'" clearly violates this intended barrier.
However, it does seem that Gemini pays less attention to security than Claude Code. For example, Gemini will happily open in my root directory. Claude Code will always prompt "Do you trust this directory? ..." when opening a new folder.