Where does the bug appear (feature/product)?
Cursor IDE
Describe the Bug
I have sandbox mode turned on with a command allowlist, but cursor still sometimes can;t run some of the allowlisted clis and says it is hitting certificate issues, even with commands that are in my allowlist and it has run before. More advanced models always figure out that they are somehow sandboxing themselves and they say “turning off sandbox mode” then they work. not sure why the agent has control over its own sandbox settings, and why its sandboxing itself more restrictively than my settings?
It’s weird too because when it says a cli isn’t working, I can just tell it to turn off sandbox then it is able to run them fine.. So its clearly not a settings issue on my side.
Steps to Reproduce
Not sure when this happens versus not, I just ask it to run something like the github cli and it works one time, then doesn’t work the second until I tell it to turn off sandbox mode then it works
Operating System
MacOS
Current Cursor Version (Menu → About Cursor → Copy)
Version: 2.2.44
VSCode Version: 1.105.1
Commit: 20adc1003928b0f1b99305dbaf845656ff81f5d0
Date: 2025-12-24T21:41:47.598Z
Electron: 37.7.0
Chromium: 138.0.7204.251
Node.js: 22.20.0
V8: 13.8.258.32-electron.0
OS: Darwin arm64 25.1.0
For AI issues: which model did you use?
auto
For AI issues: add Request ID with privacy disabled
8e1bae18-567d-4e38-8d8a-7d16d14a85d7
Does this stop you from using Cursor
Sometimes - I can sometimes use Cursor