Excerpt from Security · Cursor
To block specific files in your codebase from being sent to Cursor’s servers and included in AI requests, add a `‘.cursorignore’` file to your codebase that lists the files and directories that should be excluded. **Cursor will make a best effort to prevent exposure of these files from being included in any request.**
Question: Am I correct in understanding that there is no guarantee that the files listed in ‘.cursorignore’ will not be transmitted to the AI servers in any way, regardless of whether the files are open in the editor or not?
Unfortunately, this would be a deal-breaker to our company for using this otherwise very interesting editor.
Regards
Manfred
Hey, @ManfredKellermann thanks for the question, you’ve got it right.
You’re right to be cautious, the “best effort” phrasing is legally conservative, but in practice .cursorignore is fairly robust.
Cases where files could still be transmitted:
- Agent limitation: tool calls (e.g., terminal commands like
grep or cat) aren’t blocked by .cursorignore, so the agent could still read such files via tools
- If you explicitly paste content from an ignored file into chat
- If you manually select ignored code and ask about it
Otherwise, files listed in .cursorignore aren’t automatically included in context, indexed, or sent for codebase analysis, even if they’re open in the editor.
For enterprise requirements consider:
- Privacy Mode (Settings → Features → Privacy Mode): requests aren’t retained and are deleted immediately
- Additional measures like
files.exclude in the editor to fully hide sensitive files
We’re continuing to strengthen these guarantees. With proper configuration, the current setup reliably covers typical sensitive files (configs, keys, etc.).
1 Like