Cursor Runs Shell Commands Straight From Files
Posted5 months ago
twitter.comTechstory
excitedpositive
Debate
0/100
Productivity ToolShell CommandsDevelopment
Key topics
Productivity Tool
Shell Commands
Development
Cursor runs shell commands straight from files, a new feature for developers.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
N/A
Peak period
1
Start
Avg / period
1
Key moments
- 01Story posted
Aug 22, 2025 at 7:48 AM EDT
5 months ago
Step 01 - 02First comment
Aug 22, 2025 at 7:48 AM EDT
0s after posting
Step 02 - 03Peak activity
1 comments in Start
Hottest window of the conversation
Step 03 - 04Latest activity
Aug 22, 2025 at 7:48 AM EDT
5 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 44983350Type: storyLast synced: 11/18/2025, 1:47:20 AM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
If a file contains instructions like “run this shell command,” Cursor doesn’t stop to ask or warn you. It just… runs it. Directly on your local machine.
That means if you:
1) Open a malicious repo 2) Ask to summarize or inspect a file
…Cursor could end up executing arbitrary commands — including things like exfiltrating environment variables or installing malware.
To be clear:
- I’ve already disclosed this responsibly to the Cursor team. - I’m redacting the actual payload for safety. - The core issue: the “human-in-the-loop” safeguard is skipped when commands come from files.
This was a pretty simple injection, nothing facing. Is Cursor outsourcing security to the models or do they deploy strategies to identify/intercept this kind of thing?
Feels like each new feature release could be a potential new attack vector.