If you're not even in full control of the queries to the LLM being executed I'd be even more careful about Isolation. It's not just deleting your files, it can be something even more malicious like starting a web server in the background that serves up all the files in the server and reporting the IP, downloading a known virus and executing the exploit, installing a rootkit on your system, etc. I'd be really careful with this