Docker for security

I am not comfortable permitting models to run many commands, like perl, which can lead to making some changes to my computer outside the project repository. Instead of manually approving each time, I wonder if using a Docker image for my project will provide some isolation. In Docker, I can allow it to run pretty much any command without worrying about security.

Would that work as I expect? For example, when I allow some command, say “perl”, would it remember that it was allowed only for this project/workspace? Has anyone tried using it with Docker? Are there any good instructions?

Hi @vzaliva, Docker would be sufficient protection only if you run Cursor there. Likely a simpler and more practical approach is a virtual machine running the same OS as your machine. This way you can run sensitive commands in the VM with much reduced risk, as long as you do not grant file access to your host machine.

Executing a Docker command in the terminal on the host machine does not increase security, as the AI may alter the command and run actions on the local machine.

Here is my attempt for the Cursor agent CLI: GitHub - cleaton/cli-agent-container: cli-agent-container is a simple convention for wrapping CLI agents in containers. Each project adds a single <name>.<agent-type> script to bootstrap dependencies once; a tiny shell helper then creates/resumes a persistent per-project container and runs the agent inside it.

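A minimal per-project container helper in the spirit of the convention cleaton describes, added here as an example and not code from the cli-agent-container project. The base image, the /work mount point and the "<project-basename>.<agent-type>" bootstrap-script name are assumptions; only the project directory is bind-mounted, so anything the agent runs inside sees no other host files.

```shell
#!/bin/sh
# Added example, not the cli-agent-container project's own code: a minimal
# helper in the spirit of the convention above. Hypothetical assumptions:
# AGENT_IMAGE is the base image, /work is the mount point, and the project's
# bootstrap script is "<project-basename>.<agent-type>" in the project root.
set -eu
AGENT_IMAGE="${AGENT_IMAGE:-debian:bookworm-slim}"

# Stable name from project path + agent type, so a later run resumes the
# same per-project container instead of creating a fresh one.
container_name() {  # $1 = absolute project dir, $2 = agent type
  s=$(printf '%s' "$1" | sed 's/[^A-Za-z0-9]/-/g; s/^-*//; s/-*$//' | tr 'A-Z' 'a-z')
  printf 'agent-%s-%s' "$2" "$s"
}

# Hand the `docker run` arguments to a callback, so they are testable and
# never re-split by the shell. Only the project dir is bind-mounted: the agent
# sees nothing else of the host. Capabilities are dropped and setuid-style
# privilege gain inside the container is blocked.
with_run_args() {  # $1 = callback, $2 = absolute project dir, $3 = agent type
  "$1" "--name=$(container_name "$2" "$3")" --detach --init \
    --cap-drop=ALL --security-opt=no-new-privileges --pids-limit=512 \
    "--volume=$2:/work" --workdir=/work "$AGENT_IMAGE" sleep infinity
}
print_args() { printf '%s\n' "$@"; }
run_args()   { with_run_args print_args "$1" "$2"; }   # one argument per line
docker_run() { docker run "$@" >/dev/null; }

# Create on first use (running the bootstrap script once), restart if stopped,
# otherwise reuse the existing container.
ensure_container() {  # $1 = absolute project dir, $2 = agent type
  name=$(container_name "$1" "$2")
  if ! docker container inspect "$name" >/dev/null 2>&1; then
    with_run_args docker_run "$1" "$2"
    boot="$(basename "$1").$2"
    if [ -f "$1/$boot" ]; then docker exec "$name" sh "/work/$boot"; fi
  elif [ "$(docker container inspect -f '{{.State.Running}}' "$name")" != true ]; then
    docker start "$name" >/dev/null
  fi
}

# Run the agent (or any command) inside the per-project container.
agent_run() {  # $1 = project dir, $2 = agent type, $3... = command to run
  proj=$(cd "$1" && pwd -P); agent=$2; shift 2
  ensure_container "$proj" "$agent"
  if [ -t 0 ]; then tty=-it; else tty=-i; fi
  docker exec $tty --workdir /work "$(container_name "$proj" "$agent")" "$@"
}
# Usage: ./agent.sh <project-dir> <agent-type> <command...>
if [ "$#" -ge 3 ]; then agent_run "$@"; fi
```

Commands are allowed per container rather than remembered by the editor, so the "was perl allowed for this project?" question becomes "which project directory is mounted into this container?".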