Hey, thanks for the report. This is a really serious situation, and I’m sorry it happened, especially twice.
Here’s what’s going on: the File-Deletion Protection and External-File Protection settings only protect against deletes done through Cursor’s built-in tools (the editor and file manager). But terminal commands like rmdir /s /q or Remove-Item -Recurse -Force run directly in the shell, so they can bypass those protections. The team is aware of the issue, and we’ve seen a few similar reports:
For now, the key workaround is: Cursor Settings > Agents > turn off “Auto-run mode”. This makes the agent ask for confirmation before every terminal command, so you can reject destructive commands before they run.
A few questions so we can track your case:
- What Cursor version are you on? (Menu > About Cursor > Copy)
- Was Auto-run mode enabled?
- Is there any chance you can recover the files from backups or recovery tools?
Let me know if you need help with anything else.