Bug on Cursor agents window. When there are subagents working and they stop because there is a command to approve, there is a blue button “Allow”. The button works, the problem is anywhere you click triggers Allow.
If you click on the yellow dot, it will allow the command.
If you click on “Fix lucky patcher” it will allow the command
If you click on “Run pwd” it will allow the command.
If you click on “Allow”, of course, it will allow the command.
So user is not even allowed to inspect the command before allowing it.
Steps to Reproduce
Anything that uses subagents
Expected Behavior
Enter the subagent without triggering allow. About the screenshot, clicking on anywhere inside the red box will allow the command.
Hey, thanks for the clear report and the screenshot. This is a known issue with the hit area in the agents tray. The whole sub-agent row works like an Open button, so clicking anywhere in the row (name, command, dot) takes you to the sub-agent view where there’s a pending approval. That can look like Allow triggers from anywhere.
Improvements to this flow are already merged into the pre-release branch, but they haven’t made it into your stable 3.3.30 yet. I can’t share an ETA for the stable release. Once it ships, it’ll be mentioned in the release notes.
If I understood your report correctly, the command doesn’t run right away when you click the row. It opens the sub-agent view with pending approval. If you’re seeing different behavior, like the command actually starts without approval, please send the Request ID from the chat (Chat menu top right > Copy Request ID) and a short list of steps to reproduce, and we’ll take a look separately.
Clicking anywhere opens the subagent view + directly triggers the run, so I’m not even able to see which command is being run exactly, just which processes used the command (docker-compose, pwd, etc).
Hey, thanks for the Request ID and the extra detail. If the command is actually running, and it’s not just opening the subagent view with pending approval, then this isn’t the same janky issue I mentioned above and it sounds more serious.
To report this properly internally, can you add a couple details:
A short screen recording (5 to 10 seconds) showing a click on the row (not the Allow button), and then immediately the next moment where the command has already run instead of waiting for approval. A terminal screenshot with the output is also fine if recording is inconvenient.
Does this happen every time or only sometimes? And are commands running that you never explicitly approved, meaning it’s truly bypassing approval, or does it open the view and the command starts only after the view opens?
Do you have Auto-run or Run Everything enabled anywhere in the agent settings?
With that, I’ll file a separate issue. The fix is planned for the next stable. This one is specifically about the janky click UX around Allow, not about auto-executing without confirmation.
