Something happened today that should not have happened. All my secrets were automatically pulled from my aws secrets data. Totally automatic by ai. The code we were reviewing did have this functionality, I just never expected ai to act upon it and retrieve all my secrets.
This is the error. I’m missing a secret key
I do remember that Cursor used to ask me to execute commands. I was thinking I may have accidentally turned on automatically (totally not like me), maybe it was an update, or maybe Cursor is now executing commands at will.
I need whitelist/blacklist capabilities as AI should not be allowed to examine my security code and act up it at will, using my dev box credentials. This is a HUGE security vulnerability.
I want to disable automatic run_terminal_cmd
Upon further inspection, ai generated some keys (incorrectly) and uploaded them to aws secretsmanager. Wow.
I asked why ai did that.
Lies…
I personally think this is amazing functionality, but there needs to be a way to restrict access to specific commands (ie aws secretmanager), or at the very least totally disable autorun of proposed commands.
what AI bot were you using? How did it get your AWS permissions originally?
Thank you for your response. The AI bot as set to ‘auto’, so I’m not sure which model, I refer to the bot generically as Claude.
AWS CLI on my dev box is configured with admin access. It is preconfigured using “aws configure” and entering the required security keys, therefore any open terminal on my mac has aws admin access, which is required for development work.
This problem showed up while working within a terragrunt project. I’ve since noticed the AI bot will frequently execute terragrunt commands to diagnosis issues, as well as running ansible playbooks.
I don’t like the AI bot having the ability to execute commands which can directly access my infrastructure and secrets using my personal credentials.
There needs to be a way to allow the AI bot to ASK if it can execute commands vs automonomous execution.
Thanks for all the help Cursor Community! This forum is AMAZING!
