Hey, thanks for the report.
This is a known issue. The agent can sometimes go outside explicit instructions even with rules in .cursorrules. The team is working on improving scope and boundary adherence.
A few details that would help us pass this to engineering:
- Can you share the contents of your
note_of_shame.txtfiles? Concrete examples help the team spot patterns. - For one of the problematic sessions, please grab the Request ID: Chat context menu (top right) > Copy Request ID. This helps engineers find the relevant logs.
- Which model are you using? I saw Claude Sonnet 4.5 mentioned, but can you confirm whether it’s via Cursor or your own API key?
Workarounds for now, not perfect but may help:
- Try shorter, more directive instructions instead of long rule sets
- Explicitly list the allowed files, for example: “Modify ONLY file.ts. Do NOT touch any other files.”
- The Review panel lets you reject unwanted changes before you apply them
Related discussion: Why the push for Agentic when models can barely follow a single simple instruction?