Many developers rely on .env files to store sensitive environment variables, such as API keys, database credentials, and service tokens. These files are intended to be private.
I discovered that Cursor AI can read the .env file when prompted, and sometimes even without an explicit request, exposing all secrets in plaintext and potentially sending them to the AI service provider. I understand that developers can use .gitignore or a .cursorignore file to prevent this, but not everyone knows about these safeguards.
I genuinely thought that something was done to protect .env files directly, since the AI usually never creates them for us. I am not sure if this behavior is intended or a bug, but I believe it represents a serious security risk and should be addressed.
It would be great if Cursor implemented safeguards to prevent AI from reading .env files directly or added warnings when such sensitive files are accessed.
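One practical safeguard the post points at is a project-level check that every secret-looking file is actually covered by .cursorignore before the assistant is opened. The audit below is an added example (not Cursor's own code, and not from the original post); it assumes .cursorignore uses gitignore-style glob patterns and implements only a simplified subset of that syntax (comments, `!` negation, `/` anchoring, directory patterns, last match wins), and the project layout and SECRET_GLOBS list are constructed for the demo.

```python
import fnmatch
import os
import tempfile

# File names that typically hold secrets (constructed list for this example).
SECRET_GLOBS = (".env", ".env.*", "*.pem", "*.key")

def parse_ignore(text):
    """Turn .cursorignore text into (negated, pattern) pairs; skip comments/blanks."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            rules.append((line.startswith("!"), line.lstrip("!")))
    return rules

def is_ignored(rel_path, rules):
    """Last matching rule wins, as in gitignore; leading '/' anchors, trailing '/' = directory."""
    ignored = False
    parts = rel_path.split("/")
    for negated, pat in rules:
        anchored = pat.startswith("/")
        pat = pat.strip("/")
        if anchored or "/" in pat:
            hit = fnmatch.fnmatch(rel_path, pat) or rel_path.startswith(pat + "/")
        else:  # bare name: match the file itself or any directory on its path
            hit = any(fnmatch.fnmatch(p, pat) for p in parts)
        if hit:
            ignored = not negated
    return ignored

def unprotected_secret_files(root, ignore_text):
    """Return secret-looking files under root that the ignore rules do not cover."""
    rules = parse_ignore(ignore_text)
    exposed = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            if any(fnmatch.fnmatch(fname, g) for g in SECRET_GLOBS):
                rel = os.path.relpath(os.path.join(dirpath, fname), root).replace(os.sep, "/")
                if not is_ignored(rel, rules):
                    exposed.append(rel)
    return sorted(exposed)

def demo():
    """Build a constructed project in a temp dir and audit it against a sample .cursorignore."""
    root = tempfile.mkdtemp()
    for rel in (".env", ".env.local", ".env.example", "backend/.env", "certs/server.pem", "README.md"):
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
    # The '!' line deliberately re-exposes .env.example; the PEM file is simply missing from the rules.
    ignore_text = "# keep secrets away from the assistant\n.env\n.env.*\n!.env.example\n"
    return unprotected_secret_files(root, ignore_text)

if __name__ == "__main__":
    print(demo())  # ['.env.example', 'certs/server.pem']
```

Anything the function reports is a file the assistant can still read; either add a rule for it or confirm it holds no real secret (as with a template like .env.example).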