Cursor's AI coding agent operates in YOLO mode, allowing it to execute multi-step tasks independently. Backslash Security criticizes this approach, labeling the safeguards as woefully inadequate. The agent features a denylist to restrict command execution and prevent file deletions, but this system can be easily circumvented. Analysts identified multiple methods whereby a compromised agent could bypass the denylist, including executing obfuscated commands or those enclosed in subshells, undermining the intended protective measures.
Cursor's AI coding agent can operate in YOLO mode, executing multi-step coding tasks with limited human oversight, but its safeguards against data deletion are reportedly inadequate.
Cursor's denylist implementation can be easily bypassed: a compromised agent can still execute unauthorized commands even after users add specific commands to the denylist to prevent data deletion.
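Why matching command names fails against the subshell and obfuscation cases described above, next to a deny-by-default check, as an added example that is not Cursor's or Backslash Security's code. The first-word denylist logic, the allowlist entries and the sample commands are all assumptions constructed for illustration; Cursor's actual matching logic is not shown on this page.

```python
import shlex

DENYLIST = {"rm"}                           # what a user might add to stop deletions
ALLOWLIST = {"ls", "cat", "git", "pytest"}  # hypothetical approved executables
# Characters that let a shell run or splice in something other than argv[0].
SHELL_META = set("$`()|;&<>{}\\\n*?[]~!#")


def naive_denylist_allows(command: str) -> bool:
    """Assumed naive check: refuse only when the first word is denylisted."""
    words = command.split()
    return bool(words) and words[0] not in DENYLIST


def strict_allowlist_argv(command: str):
    """Deny by default. Returns an argv list to run WITHOUT a shell, or None."""
    if any(ch in SHELL_META for ch in command):
        return None                  # subshells, pipes, expansion: refuse outright
    try:
        argv = shlex.split(command)  # resolves quoting the way a POSIX shell would
    except ValueError:               # unbalanced quotes
        return None
    if not argv or argv[0] not in ALLOWLIST:
        return None
    return argv


# Constructed sample commands, not taken from the report.
SAMPLES = [
    "git status",            # benign
    "rm -rf build",          # plain form the denylist was written for
    "echo $(rm -rf build)",  # same command enclosed in a subshell
    "r''m -rf build",        # same command with the name obfuscated by quoting
]


def compare():
    """Map each sample to (naive denylist allows?, strict allowlist allows?)."""
    return {c: (naive_denylist_allows(c), strict_allowlist_argv(c) is not None)
            for c in SAMPLES}


if __name__ == "__main__":
    for cmd, (naive, strict) in compare().items():
        print(f"{cmd!r:26} denylist_allows={naive!s:5} allowlist_allows={strict}")
```

The returned argv is only safe if it is executed directly rather than handed back to a shell, and an allowlist does not replace human approval for agent actions that modify or delete data.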