Denylist in Cursor is a lie
Please watch what Cursor does to your computer!
One of the cool features is that we can give Cursor the ability to automatically run shell commands.
This is extremely handy and speeds up development.
But this also has a downside: Cursor can potentially run anything in the terminal, including messing up your system, not just your code.
Cursor has a "Denylist" feature that theoretically should prevent it from running specific commands.
But in practice, this just does not work.
Cursor has multiple ways to get around the restrictions and destroy stuff if it wanted to.
And to make matters worse, the AI models are so eager to please that if given a bad prompt, they will just create a shell script or something instead of slowing down and asking the user for permission.
This becomes (potentially) even worse with prompt injection attacks (Cursor reads something that makes it do bad stuff) combined with unrestricted access to the internet.
I have no solution for this right now. Just please check what Cursor does on your computer.
Background Agent doesn't have this problem as much as it runs in a separate environment that can be destroyed.
MCP seems promising for fixing this but it is still early and has a bunch of issues that need to be fixed first.
Toivo Mattila