Recently, cloud/background agents have started to edit unrelated lines of code, replacing values that match my env var values with [REDACTED].
I have not requested this in any of my rules. It seems to be a Cursor automation.
Steps to Reproduce
Create an env var with a common value, then create a background agent that edits a file that contains that value.
Expected Behavior
Not to edit or redact existing code.
I can understand that for real secrets you may not want to write them to the repo, but this should only affect edited lines, not lines that already existed and weren’t edited by the agent. Thus it should not scan whole files but diffed lines only.
This is most likely related to how secrets marked as Redacted work in Cloud Agent settings. When a secret is classified as Redacted, its value gets stripped from everything the model can see, like file contents and tool outputs. So the model sees [REDACTED] instead of the real value and may write that back into the file as-is.
Quick question: are environment variables like AWS_DEFAULT_REGION marked as Redacted in the Cloud Agent settings?
If yes, a temporary workaround is to mark only real secrets as Redacted, like API keys, passwords, and tokens, and keep config values like region, project ID, and similar as normal (not redacted) secrets. Non-redacted secrets are still encrypted and injected as env vars, they just don’t trigger the scanning and replacement behavior.
Either way, I’ve flagged this to the team. Existing code being overwritten with [REDACTED] shouldn’t happen even for Redacted secrets.
Let me know if changing the Redacted classification helps.
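The following is an added illustration, not code from Cursor or from anyone in this thread, of the two behaviours discussed above: the described current behaviour, where the whole file the model sees is redacted and the placeholder is written back into untouched lines, and the diff-only scanning the original report asks for, where only lines the agent added or changed are checked before they are written. The file contents, the secret names and values, the "redacted"/"plain" classification labels and the `agent_edit` stand-in for the model are all constructed for the example.

```python
import difflib

REDACTED = "[REDACTED]"

# Constructed sample file: it legitimately contains a config value (a region)
# that also happens to be the value of an environment variable.
ORIGINAL_FILE = (
    'import boto3\n'
    '\n'
    'REGION = "us-east-1"\n'
    'client = boto3.client("s3", region_name=REGION)\n'
)

# Constructed secret store: name -> (value, classification). "redacted" stands in
# for a secret marked Redacted; "plain" for a normal (encrypted, non-redacted) one.
MISCLASSIFIED = {
    "AWS_DEFAULT_REGION": ("us-east-1", "redacted"),      # config value, wrongly Redacted
    "API_TOKEN": ("tok-constructed-123", "redacted"),     # a real secret, correctly Redacted
}
RECLASSIFIED = {
    "AWS_DEFAULT_REGION": ("us-east-1", "plain"),         # the workaround from the reply above
    "API_TOKEN": ("tok-constructed-123", "redacted"),
}


def redact(text, secrets):
    """Replace every occurrence of a Redacted secret's value with the placeholder."""
    for value, cls in secrets.values():
        if cls == "redacted" and value:
            text = text.replace(value, REDACTED)
    return text


def agent_edit(visible_file, added_line):
    """Stand-in for the model (assumption): it rewrites the file exactly as it saw
    it and appends one new line."""
    return visible_file + added_line + "\n"


def whole_file_redaction(original, secrets, added_line):
    """Behaviour described in the thread: the model only ever sees a redacted copy
    of the whole file, so the placeholder lands in lines it never meant to touch."""
    return agent_edit(redact(original, secrets), added_line)


def diff_only_redaction(original, secrets, added_line):
    """Proposed behaviour: the model edits the real file; only the lines it added
    or changed are scanned, and untouched lines are copied back verbatim."""
    edited = agent_edit(original, added_line)
    old = original.splitlines(keepends=True)
    new = edited.splitlines(keepends=True)
    out = []
    matcher = difflib.SequenceMatcher(None, old, new)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag == "equal":
            out.extend(old[i1:i2])                  # pre-existing lines pass through untouched
        else:
            out.append(redact("".join(new[j1:j2]), secrets))  # only agent-written lines are scanned
    return "".join(out)


def clobbered_lines(original, result):
    """Original lines that no longer appear unchanged in the result."""
    kept = set(result.splitlines())
    return [line for line in original.splitlines() if line not in kept]


if __name__ == "__main__":
    harmless = "bucket = client.list_buckets()"
    leaky = 'TOKEN = "tok-constructed-123"'
    print("whole-file, misclassified:", clobbered_lines(
        ORIGINAL_FILE, whole_file_redaction(ORIGINAL_FILE, MISCLASSIFIED, harmless)))
    print("diff-only, misclassified: ", clobbered_lines(
        ORIGINAL_FILE, diff_only_redaction(ORIGINAL_FILE, MISCLASSIFIED, harmless)))
    print("whole-file, reclassified: ", clobbered_lines(
        ORIGINAL_FILE, whole_file_redaction(ORIGINAL_FILE, RECLASSIFIED, harmless)))
    print(diff_only_redaction(ORIGINAL_FILE, MISCLASSIFIED, leaky))
```

With the region wrongly marked Redacted, the whole-file path rewrites the existing `REGION` line, while the diff-only path leaves it alone and still redacts a token the agent itself tries to write; reclassifying the region as a plain secret removes the overwrite on the whole-file path too, which is the workaround suggested in the reply.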
Yes, this was a Redacted Secret and that was unnecessary. So changing that should work for this env var.
I understand that it works at read time and that causes the agent to submit it as a diff. Still a bug for existing secrets in the code that can be intentional, but it has less of a surface now, since that’s a bad practice.
Glad the reclassification helped. About the main bug, I’ve passed along to the team that Redacted secrets overwrite existing lines in the code. I can’t promise a specific timeline, but the report is logged.
If you run into this again with real secrets, let me know.