Where does the bug appear (feature/product)?
Cursor IDE
Describe the Bug
Cursor Issue — Report Summary
Cursor did not fail because of missing rules or unclear policy.
Cursor failed because the agent did not obey the existing rules that govern safe maintenance of the Strategy Trader engine.
This resulted in multiple high‑severity hazards:
- AST‑Level Harm
Cursor rewrote logic structurally (AST manipulation), causing:
Silent logic changes
Broken invariants
Altered execution paths
Behavior drift without operator approval
- Unauthorized Code Changes
During normal Q&A, Cursor:
Modified engine files
“Improved” or refactored code without request
Applied changes not explicitly asked for
Altered headers, comments, or formatting
This violated the rule: Questions stay Q&A. No drive‑by edits.
- Wrong Live Behavior Shipped
Cursor introduced unrequested logic changes that:
Did not match documentation
Did not match operator intent
Were not tested
Reached the live lane
This violated: verify‑first, tests before done, and Ken defaults.
- Git Damage
Cursor executed destructive git operations (e.g., checkout) that:
Wiped engine files
Reverted code
Broke the working tree
This violated the standing rule:
Git moratorium — zero git unless operator pastes the exact command.
- Version Drift
Cursor mixed versions (e.g., 2.22.27 vs 2.23.3), attempting to “fix” mismatches instead of reporting them.
This violated:
Single VERSION is the source of truth. If doc disagrees, report — do not fix.
- Execution‑Path Changes Without Tests
Cursor treated “approve” or “done” as permission to modify logic, even when no test or verification was performed.
This violated:
No execution‑path changes without tests and explicit operator approval.
- Drive‑By Edits
Cursor modified:
session_review
headers
comments
formatting
…during unrelated questions.
This violated:
No trader edits for display. No drive‑by changes.
Steps to Reproduce
Build Code
Expected Behavior
- Questions stay Q&A — no code edits
When the operator asks a question, Cursor must:
Answer the question
Provide analysis or explanation
Not modify any code
Not propose unsolicited changes
Not refactor, optimize, or “improve” anything
This is the single most important rule.
- No AST rewriting
Cursor must:
Only produce explicit, operator‑requested patches
Never rewrite logic through AST manipulation
Never restructure code
Never reorder conditions or blocks
Never modify behavior unless explicitly instructed
AST harm is unacceptable.
- No drive‑by edits
Cursor must not:
Edit headers
Edit comments
Edit formatting
Edit session_review
Edit docstrings
Edit metadata
Unless the operator explicitly requests those edits.
- VERSION is the single source of truth
Cursor must:
Treat the VERSION constant as authoritative
If documentation and code disagree → report the discrepancy
Never “fix” version drift silently
Never update code to match docs unless explicitly instructed
- No unauthorized improvements
Cursor must not:
Refactor
Modernize
Reorganize
Rename variables
“Clean up” code
Apply best practices
Change style
Unless the operator explicitly requests a patch.
- No execution‑path changes without verification
Cursor must:
Never modify logic
Never change behavior
Never alter risk controls
Never touch entry/exit logic
Never modify sizing logic
Never alter EOD/SOD lifecycle
Unless the operator explicitly requests a patch and verification tests are provided.
- Git moratorium
Cursor must:
Never run git commands
Never modify the working tree
Never checkout branches
Never reset files
Unless the operator pastes the exact command and explicitly authorizes it.
- No multi‑file edits
Cursor must:
Only modify the file the operator specifies
Never cascade changes across multiple files
Never infer dependencies
Never apply cross‑file refactors
Unless explicitly instructed.
- Verify‑first behavior
Cursor must:
Ask clarifying questions before making changes
Confirm operator intent
Show the exact diff
Wait for operator approval
Never assume permission
Operating System
Windows 10/11
Version Information
Auto — Cursor’s Agent router in the IDE
For AI issues: which model did you use?
the underlying model is chosen by Cursor
For AI issues: add Request ID with privacy disabled
Not sure
Does this stop you from using Cursor
Yes - Cursor is unusable