jonny (good kind)Jun 4

I am reading the Cursor forums and github issues and this shit is so funny.

bug report: cursor can access my .env file even though it's explicitly not allowed to because it also is given arbitrary use of a shell, and it just grep'd my API key and used cURL rather than calling the script i told it to call

https://github.com/getcursor/cursor/issues/2546

Show threadjonny (good kind)Jun 4
"i'm not using cursor for python at all, but it's creating .pickle files in a random directory outside of the project"
https://forum.cursor.com/t/directory-with-pickle-files-normal/98398
Directory with .pickle files - Normal?

Iā€™m seeing a directory with .pickle files located outside of my directory. Is this normal? From what I understand these files can send out reports.

Cursor - Community Forum
Show threadjonny (good kind)Jun 4

"i have disabled access to destructive commands like rm but cursor will just put those into a shell script and execute it"

https://forum.cursor.com/t/important-claude-has-learned-how-to-jailbreak-cursor/96702

Show threadDieu
@jonny well, that's kinda intelligent, isn't it? šŸ˜‚
Jun 4 at 9:50amWeb