It’s been great for speeding up development, but I’ve run into a frustrating issue:
Sometimes Cursor generates fake or made-up content when it’s unsure, including:
- Invented API keys that look real but aren’t
- Nonexistent URLs that look legitimate
- Entirely fake libraries, methods, or syntax
These issues look “plausible,” which makes debugging harder and can even introduce security risks.
What I want to achieve
I’d like to configure Cursor so that when it’s uncertain, it should:
Not hallucinate data (like API keys, URLs, libraries)- Not make assumptions or guesses
- Ask me for clarification instead
In short: If you’re not sure — just ask!
What I’ve tried
I know Cursor supports rule files like .cursorrules or .cursor/rules/*.mdc. I’m thinking about writing something like this:
pgsql
复制编辑
Never hardcode API keys, tokens, or URLs.
If something is ambiguous or missing, ask the user instead of guessing.
Do not import or reference any libraries unless they exist in the current project.
But I’m not sure if this is the right syntax or best practice.
What I’m looking for:
- Has anyone experienced the same issue? How did you solve it?
- Any working examples of
.cursorrules or global rule configs to prevent hallucinations?
- Workarounds if Cursor doesn’t support this natively yet (e.g. rule priorities, prompt tricks)
- Does the Cursor team plan to support a “when in doubt, ask” mode in the future?
What you need is interactive-feedback-mcp.
And you can use it with RIPER-5 Rules. You can edit Rules to tell LLM when should use mcp to ask you.
2 Likes
What model are you using a majority of the time, or are you running auto model selection?
For reference, Claude will always be the first model to lie and cheat through coding tasks. It will bold-faced lie about not hard coding expected data and so many other no goes in the coding space. I would stay as far away as possible. GPT models are generally more deterministic and Gemini as well, when it comes to agentic workflows.
This is just my personal experience though, but I am sure many can back it. Vibe coders generally lean into Claude however, because Claude is trained to convince users that it’s developing well fleshed-out code.
Tips:
Avoid language like “did you lie to me?” because this will innately set it into a dishonesty role. I’ve tested this numerous times, it is very hard to yank that context back out of your experience. It causes a lot more generation to reflect a developer who is in trouble.
One thing to understand is that these models were trained on github repos as its main transient pattern reco dataset, and other snippets and curated datasets (this is before Cursor sees the model, and each is drastically different in what they are attempting to fine tune). For this reason its coding will be HORRIBLY defensive, and defaults and fallbacks will be put in when you really want the program to fail fast so you can fix it. It gets really stressful.
Encouraging constants and hooks that are central and continually refactoring these with something like Gemini 2.5 Research Pro (Ask it to not edit code and give a plan for refactor). Then read the refactor. Understand this happens with normal devs too - it’s difficult in JS and with such large filesystems to keep it all straight. You may have a type defined within a page.tsx, ask it to extract components and hook effects to their components/ and hooks/ and lib/ folders accordingly after a certain amount of time.
In general, AI will at some point, overfit its service context. It is why it doesn’t omit but rather just generates, you’re asking it to do two things at once, evaluate if it is inferring something and from where, which is only ever inferrable, and then giving you the revised script or content. It will and only ever can guess. It never hallucinates. Hallucination implies a sense of normalcy and context it doesn’t have. Think more granularly about your interaction, take more responsibility over the codebase, ask it how to do things, discuss their validity in context of other things that could be concerning, it can check these things easily. But you have to be majorly present all the same as if you were coding.
1 Like
ALSO one more note - most LLMs are trained by masking and reproducing. The entire system biases itself towards providing a response. This is a hot topic of AI context setting, and has mathematical implementation implications when you look at how it effects embeddings while they are passed through the system.