Hi everyone - as a previous context I’m an AI Program Manager at J&J and have been using Cursor for personal projects since March.
Yesterday I was migrating some of my back-end configuration from Express.js to Next.js and Cursor bugged hard after the migration - it tried to delete some old files, didn’t work at the first time and it decided to end up deleting everything on my computer, including itself. I had to use EaseUS to try to recover the data, but didn’t work very well also. Lucky I always have everything on my Google Drive and Github, but it still scared the hell out of me.
Now I’m allergic to YOLO mode and won’t try it anytime soon again. Does anyone had any issue similar than this or am I the first one to have everything deleted by AI?
Hi, this happens quite rarely but some users do report it occasionally. However there are clear steps to reduce such errors.
Did you enable file deletion protection in the Auto-run settings in Cursor including .file protection and external file protection? Those should help avoid most such issues.
Also set clear commands what the agent is allowed to do by itself Allow/Deny lists
Nope, I was really living in YOLO mode. Guess I was trying to see where it would go in some issues, but man I couldn’t believe my eyes when everything disappeared. Only git reset --hard was on the prohibited list because once it did this alone. But deleting everything on my computer is absolutely insane. Felt like Ultron took over
Took me some hours but now I have everything back again. Now I learned about the YOLO rules btw, thanks!
Yes since AIs are trained to be helpful and agentic, they may try workarounds when usual approaches dont work. like using CLI when it cant edit a file using the edit_tool.
On other sides there might also be sometimes hallucinations.
I recommend running Cursor as YOLO in an virtual environment. No access to users personal files and less impact if it does rm rf /.
Mostly for me using those settings it never tries to brick folders. Im wondering sometimes if that has to do with programming languages and frameworks too.,
Those “clear steps” are honestly less than clear. We get two input fields, with no hints, placeholders, or autocomplete. What exactly goes there? A mystery for a new user.
A basic example with some best practices? The only field we get any example on in the docs is a field that no longer exists in the application, because the docs section on Auto-run is so ancient, the screenshot still referes to YOLO. Search in docs doesn’t recognize any related phrases either, so just finding that short section takes forever.
I used to joke when people said “it can only wipe your home directory”
“Oh, so the files I downloaded from the Internet and can do so any time is protected, but my personal files that only exist in my home directory - they’re all gone?”
Any Command that isnt in the Allow list is shown to user to decide if they wanna run the command. So yes its not allowing automatically commands if they are not in deny list.
That’s one of the main reasons I am inclined to use it in a KVM env. There it can delete everything no issues at all.
Even if AI was the supreme being doing everything correctly, it would not be a good practice to let it run unsupervised commands on YOUR machine. Would you let a Junior/Intern that is learning Linux use your day-to-day with all your files?
