Hey, thanks for the report, this is a known issue. We already talked about it in a similar ticket: Cursor IDE Agent Reads .env file!
What’s going on: .env* is in the default ignore list, but that list only applies to indexing. It does not affect Agent tool calls (Read file) or tab completion, so they can still access .env files directly. The docs reflect this, but I agree the wording can be misleading.
Workaround: add .env to .cursorignore.
- Create a
.cursorignorein the project root with patterns.envand.env.* - Or set it globally: VS Code Settings > General > Global Cursor Ignore List, add
**/.envand**/.env.*
One caveat: .cursorignore does not block the Agent’s terminal and MCP tools, so in theory the agent could still run cat .env via the terminal. More details here: Ignore files | Cursor Docs
About the changelog, I agree changes like this should be called out clearly. I’ll pass the feedback to the team.
Let me know if the workaround helps.