There's no sandbox of any kind, at least on Linux, and the permission system is self-defeating. The agent will ask to run something like `bash -c "npm test"` and ask you to whitelist "bash" for future use. I don't use it daily because I don't find it useful to begin with, but when I take it for a spin it's always inside a full VM.
There's no sandbox of any kind, at least on Linux, and the permission system is self-defeating. The agent will ask to run something like `bash -c "npm test"` and ask you to whitelist "bash" for future use. I don't use it daily because I don't find it useful to begin with, but when I take it for a spin it's always inside a full VM.
I run multiple instances of cursor cli yolo in a 4 x 3 tmux grid each in an isolated docker container. That is a pretty effective setup.