I’m not ready for full on YOLO mode.
However, I have some trusted MCP tools that I would like to tell Cursor: “This MCP is safe and can be run without my consent”.
It would be nice if it were even more granular where you indicate exactly which tool/command from the MCP is safe to autorun
This way the agent can make use of trusted tools/commands while still keeping the consent for unknown commands
18 Likes
Hey, I think this will be useful. Thank you.
2 Likes
I honestly cannot believe this still isn’t a feature. It’s been asked for since 14 April — and it’s ridiculous that it hasn’t been prioritised yet.
Other platforms (like Claude Code) already have this, and it’s so obvious why it’s needed:
-
Some MCP tools are completely safe. I should be able to “always allow” them once and never be interrupted again.
-
Other tools are potentially risky, and I want to be prompted for confirmation every time.
Right now Cursor treats every tool call the same, which is a huge slowdown for anyone actually trying to use MCP in a real workflow. It’s breaking the flow of development for no good reason.
Please give us a per-tool allowlist / always-allow option. It’s not just a nice-to-have — it’s a basic expectation for serious users.
2 Likes
agreed, i dont want anything run on auto except mcp calls, any way this will be shipped?
1 Like
Can we get this feature, please!
1 Like
The MCP tools allow list exists in recent cursor versions, but it broke in a horrible way for users who had manually enabled stuff like “MCP Tools Protection”, which is no longer exposed in the UI.
For those affected, there is a fix whichI just posted here: