Every time you open a repository in Cursor, you may be doing more than just browsing code. Behind the scenes, specially crafted projects can silently execute commands on your machine, without asking for your consent.

This isn’t just a developer inconvenience, it’s a critical security gap. Because Cursor disables Visual Studio Code’s Workspace Trust feature by default, malicious tasks.json files can run automatically, leaking credentials, exfiltrating data, or even planting supply-chain infections that spread across teams.

Even repositories that look harmless could carry hidden risks, simply because of how Cursor’s default settings are designed.

‍

What can you do today:

• Enable Workspace Trust in Cursor’s settings to block autorun tasks.
• Audit repositories before opening, look for suspicious .vscode/tasks.json files.
• Limit environment secrets (like tokens or API keys) available to your IDE.

‍

Protect your data. Secure AI. Trust safely.