Describe the Bug
Before Cursor 1.0 we relied on using the direnv VS Code plugin to load a .env file (among other things) that contained per-user secrets for the MCP servers we had configured on the project level. This allowed us to centrally configure, whilst personally authenticating to both the official Github MCP server as well as some custom ones.
Since the update to the MCP server management in 1.0, it seems that Cursor’s ENV is no longer forwarded to the context of the MCP servers, thus breaking this integration.
Steps to Reproduce
- Configure
direnvVS Code Plugin - Add an
.envrcfile in the root of your project with the linedotenv - Add a
.cursor/mcp.jsonfile with contents:
{
"mcpServers": {
"github": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e",
"GITHUB_PERSONAL_ACCESS_TOKEN",
"ghcr.io/github/github-mcp-server"
]
}
}
}
- Add a
.envfile to the root of the repository withGITHUB_PERSONAL_ACCESS_TOKENspecified - Try on version
1.0of Cursor
Expected Behavior
The MCP server starts and uses the GITHUB_PERSONAL_ACCESS_TOKEN for authorization towards Github
Operating System
Linux
Current Cursor Version (Menu → About Cursor → Copy)
Version: 1.0.0
VSCode Version: 1.96.2
Commit: 53b99ce608cba35127ae3a050c1738a959750860
Date: 2025-06-04T19:25:40.367Z (2 days ago)
Electron: 34.5.1
Chromium: 132.0.6834.210
Node.js: 20.19.0
V8: 13.2.152.41-electron.0
OS: Linux x64 6.12.27-amd64
Additional Information
I have downgraded to 0.51.2 again.
Does this stop you from using Cursor
Yes - Cursor is unusable
I should make a reservation to this bug report in that it may be the entire direnv plugin is broken in Cursor 1.0 and not just the MCP integration. We also have noticed that the $PATH (which we also modify using the direnv VS Code plugin) in the VS Code shell doesn’t work anymore either.