cursor-known-pitfalls
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The file
references/recovery-strategies.mdincludes shell commands for resetting the Cursor IDE state, such asrm -rf ~/Library/Caches/Cursor/andrm -rf ~/.cursor/extensions/. These are documented as manual 'Reset Options' for recovery and are not configured for autonomous execution by the agent. - [DATA_EXFILTRATION]: No exfiltration patterns or unauthorized network operations were detected. The skill explicitly promotes security best practices in
references/security-pitfalls.md, advising the use of.cursorignoreto protect sensitive files like.envand recommending against hardcoding credentials. - [PROMPT_INJECTION]: The skill facilitates responses to user queries regarding 'cursor pitfalls,' which creates an indirect prompt injection surface.
- Ingestion points: User queries triggering the skill's keyword-based patterns.
- Boundary markers: Not explicitly defined in the provided instructions.
- Capability inventory: The skill has access to broad Bash execution, File Read, Write, and Edit tools.
- Sanitization: No specific input sanitization or validation logic is implemented for user-supplied data before it is processed by the agent in the context of these capabilities.
- [EXTERNAL_DOWNLOADS]: The skill references official resources for the Cursor IDE, including documentation, community forums, and Discord. No unverified third-party downloads or remote code execution patterns were identified.
Audit Metadata