This is really disappointing, that protecting users’ secrets isn’t given more priority here.
I see, so Cursor is for prototyping only, without a way to secure keys…
+1 pretty disappointing that this is not being treated with more salience. We won’t be able to use Cursor for commercial uses until ‘.cursorban’ is introduced.
Out of curiosity, was Auto Context (Cursor Settings > Features > Chat & Composer) switched on when you tested this?
Even with Cursor Tab this is a security concern to me, as Cursor is basically sending that key over the internet to a third-party server, be it Cursor's own AI server or OpenAI or whatever.
I really think there should be a setting to disable this for very sensitive files like .env files or SSH keys or terraform vars, any secrets basically.
In the very unfortunate event that the target server where Cursor Tab silently & automatically sends its context is hacked, basically ALL secrets that are silently sent in context are leaked. That can lead to absolutely disastrous consequences for all customers, even having done everything in their power to prevent it.
Preventing the automatic sending of secrets to external servers seems to be an absolutely essential security feature IMHO, cannot believe this is not a solved problem by now.
Hi Cursor Team,
The updates you’ve made for context-security around .cursorignore, .cursorindexingignore, and so on, are much appreciated. Thank you.
I especially like that you can see the no-smoking icon next to a file that can’t be indexed. For example, I added .txt to my .cursorignore, and the icon shows up there, which blocks me from adding the .txt file to context, even if I drag it there. I also like that Cursor Tab will show in the bottom right as not autocompleting when editing the forbidden file. Despite this benefit though, if I really want help with a particular file that I’ve ignored inside my repo, I can’t just drag and drop it to context.
Another key issue: when I open a .txt file (or even an .env file!) that’s outside my repo, Cursor will happily send that file to context automatically, which I really don’t want. The protection should NOT be limited to my repo.
So, my new suggestions:
- Can you create something like a .cursorignoreglobal file, which will let me block ALL .txt, .env files etc on my machine? Alternatively, you could add this to Cursor settings, but the .gitignore format is much more standardized.
- If the user drags a file to context, consider opening a modal that tells the user “You previously blocked this file from being sent to Cursor context. Are you sure you want to add this file to context? Please ensure that you have removed all secrets from the file.” This modal could have a forced Yes/No choice, instead of being dismissed with Esc, etc.
- I would still like a tool that can list all the ignored files in my project, so I don’t have to guess (or test each file manually).
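As an added example (not part of the original post and not Cursor's own code), a small audit in the spirit of the third suggestion: it walks a project and reports secret-like files that no `.cursorignore` rule covers. It assumes `.cursorignore` uses gitignore-style patterns and implements only a simplified subset, so it approximates rather than reproduces Cursor's matcher; the `SENSITIVE` list and the sample tree are constructed.

```python
import fnmatch, os, tempfile

# Constructed list of secret-like names (the thread mentions .env, SSH keys, tfvars).
SENSITIVE = (".env", ".env.*", "*.env", "*.tfvars", "id_rsa", "id_ed25519", "*.pem")

def load_rules(text):
    """Parse ignore text into (negated, dir_only, anchored, glob) tuples."""
    rules = []
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        negated = line.startswith("!")
        line = line[1:] if negated else line
        dir_only = line.endswith("/")
        line = line.rstrip("/")
        rules.append((negated, dir_only, "/" in line, line.lstrip("/")))
    return rules

def is_ignored(rel, rules):
    """Last matching rule wins. Simplified: no '**', '*' never crosses '/'."""
    parts, ignored = rel.split("/"), False
    for negated, dir_only, anchored, glob in rules:
        globs = glob.split("/")
        for i in range(1, len(parts) + 1):
            if dir_only and i == len(parts):
                continue  # trailing-slash rules match directories only
            cand = parts[:i] if anchored else parts[i - 1:i]
            if len(cand) == len(globs) and all(map(fnmatch.fnmatchcase, cand, globs)):
                ignored = not negated
                break
    return ignored

def unprotected_secrets(root, ignore_text):
    """Return secret-like files under root that no ignore rule covers."""
    rules, found = load_rules(ignore_text), []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            if any(fnmatch.fnmatchcase(name, s) for s in SENSITIVE) and not is_ignored(rel, rules):
                found.append(rel)
    return sorted(found)

def demo():
    """Audit a constructed sample tree against a constructed .cursorignore."""
    ignore = "# constructed sample\n.env\n*.tfvars\n!example.tfvars\nkeys/\n"
    files = (".env", "app/.env.local", "infra/prod.tfvars", "infra/example.tfvars", "keys/id_rsa", "src/main.py")
    with tempfile.TemporaryDirectory() as root:
        for rel in files:
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "w").close()
        return unprotected_secrets(root, ignore)

if __name__ == "__main__":
    print(demo())
```

The matcher errs toward reporting a file as uncovered when a pattern uses syntax it does not handle, and it only sees files under the project root, so files opened from outside the repo are out of its reach.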
0.46.x includes the following change, but it is not applied. I remember the forbidden-state icon appearing with cursor-ignored files, but it is not showing, and tab completion works. Is it a regression?
- Ignore files: .cursorignore now blocks files from being added in chat or sent up for tab completions, in addition to ignoring them from indexing. We’ve introduced .cursorindexingignore for specifically controlling file indexing.