Cursor not honoring command allowlist

aldentharwood · November 7, 2025, 12:48am

Where does the bug appear (feature/product)?

Cursor IDE

Describe the Bug

I only have a small subset of commands allowlisted, and one of them is cd. Cursor is now able to run ANY command because it runs cd first into the directory, then &&'s another command. the allowlist clearly only looks at the first command (cd), so it allows it. Pretty brutal edge case

Steps to Reproduce

I only have a small subset of commands allowlisted, and one of them is cd. Cursor is now able to run ANY command because it runs cd first into the directory, then &&'s another command. the allowlist clearly only looks at the first command (cd), so it allows it. Pretty brutal edge case

Expected Behavior

Follow the allowlist

Operating System

MacOS

Current Cursor Version (Menu → About Cursor → Copy)

Version: 2.0.60
VSCode Version: 1.99.3
Commit: c6d93c13f57509f77eb65783b28e75a857b74c00
Date: 2025-11-05T00:50:54.645Z
Electron: 37.7.0
Chromium: 138.0.7204.251
Node.js: 22.20.0
V8: 13.8.258.32-electron.0
OS: Darwin arm64 24.6.0

Does this stop you from using Cursor

Sometimes - I can sometimes use Cursor

sanjeed5 · November 7, 2025, 11:34am

Thanks for the report, I’ve raised it with the team.

aldentharwood · November 14, 2025, 6:43pm

@sanjeed5 any update here? this is actually a pretty brutal bug and is really slowing down our development since we had to turn command allowlisting off entirely to avoid it having free reign over any commands. It runs cd before everything, so we had to remove that and thus now have to approve every single command run

sanjeed5 · November 17, 2025, 12:19pm

Hey @aldentharwood, thanks for the report. This was fixed quite a while back and I’m not able to reproduce this.

Can you check if this is happening for you on the latest version?

To help investigate further, could you please share:

Example command that bypassed your allowlist (e.g., cd /path && rm file)
Request ID when this happens: CMD/CTRL + Shift + P > Report AI Action > Copy Request ID

Thanks!

aldentharwood · November 19, 2025, 7:25pm

@sanjeed5 Oh great, wasn’t aware. I haven’t seen it happen yet today after turning sandbox back on, so things look good. will let you know if I see it again

Topic		Replies	Views
`cd` and allowlist Feature Requests	1	224	September 29, 2025
Allowlist ignored [not reproduced] Bug Reports	0	107	August 4, 2025
Agents git committing when they shouldn't Bug Reports	2	190	October 24, 2025
Agent running commands that are not on allowlist Bug Reports	2	151	November 23, 2025
Cursor arbitrarily blocking commands and not allowing them to be added to allowlist Bug Reports	8	169	December 19, 2025