Skip to content

SOP-008: Terminal Integration

Document Control

FieldValue
SOP IDSOP-008
Version1.0
StatusActive
Last Updated2024-12

Purpose

This SOP covers Cursor's terminal integration, including sandbox execution, command approval, and auto-run configuration.

Scope

  • Sandbox mode (macOS)
  • Command approval workflow
  • Allowlist configuration
  • Enterprise controls

Prerequisites

  • Cursor installed
  • Understanding of Agent Chat (SOP-006)

Procedure

Terminal Integration Overview

Three Execution Modes:

ModeDescriptionPlatform
SandboxAuto-runs in restricted environment, blocks unauthorized accessmacOS
Ask Every TimeShows approval prompt for each commandWindows/Linux default
Run EverythingFull trust, no approval neededAll (experienced users)

Step 1: Understand Sandbox (macOS)

The sandbox restricts what commands can do:

Access TypeSandbox Behavior
File ReadAllowed (full filesystem)
File WriteWorkspace directories only
NetworkBlocked by default (configurable)
Temp FilesFull access to /tmp/
.cursor folderAlways protected

Implemented using: macOS sandbox-exec

Platform Support

Sandbox is currently macOS only. Linux support coming soon. Windows users can use WSL or devcontainers.

Step 2: Configure Auto-Run Mode

Navigate to: Settings → Cursor Settings → Agents → Auto-Run

SettingDescription
Run in SandboxCommands auto-run in sandbox (macOS)
Ask Every TimeAll commands require approval
Run EverythingNo approval needed

Recommended Settings:

  • macOS: Run in Sandbox
  • Windows/Linux: Ask Every Time

Step 3: Handle Command Approval

When Agent wants to run a command:

Agent wants to run: npm install express cors

Options: [Run] [Skip] [Add to Allowlist]

OptionResult
RunExecute once
SkipCancel, try alternative
Add to AllowlistAlways allow this command

Step 4: Manage Allowlist

Commands on the allowlist run without approval:

Add to Allowlist:

  1. When prompted, click "Add to allowlist"
  2. Or: Settings → Cursor Settings → Agents → Command Allowlist

Common Allowlist Commands:

npm install
npm run
yarn
pnpm
git status
git diff
git log
python -m pytest
cargo build
cargo test

Step 5: Configure Network Access

For sandbox mode, network is blocked by default.

Enable Network: Settings → Cursor Settings → Agents → Auto-Run Network Access

Use Cases for Network:

  • Installing packages (npm install)
  • API testing
  • Git push/pull operations

Step 6: Git Operations

Special handling for Git commands:

SettingBehavior
Allow Git Writes (enabled)git commit, git push run in sandbox
Allow Git Writes (disabled)Git write operations require approval

Push Requires Network

git push needs both Git Writes enabled AND Network Access for sandbox mode.


Additional Protection Settings

SettingDescription
Browser ProtectionPrevent auto-running browser tools
File-Deletion ProtectionRequire approval for file deletes
Dotfile ProtectionProtect .gitignore and similar files
External-File ProtectionProtect files outside workspace

Configure in: Settings → Cursor Settings → Agents


When Sandbox Commands Fail

If a sandboxed command fails due to restrictions:

Command failed: curl https://api.example.com/data

Reason: Network access blocked

OptionResult
SkipLet Agent try alternative
RunRun outside sandbox once
Add to AllowlistRun outside sandbox always

Troubleshooting Shell Themes

Heavy shell themes can interfere with terminal output:

Problem: Truncated or misformatted output with Powerlevel10k/Powerlevel9k

Solution: Detect Cursor Agent and disable theme:

For Zsh (~/.zshrc):

bash
if [[ -n "$CURSOR_AGENT" ]]; then
  # Skip theme initialization for Agent sessions
else
  [[ -r ~/.p10k.zsh ]] && source ~/.p10k.zsh
fi

For Bash (~/.bashrc):

bash
if [[ -n "$CURSOR_AGENT" ]]; then
  PS1='\u@\h \W \$ '
fi

Enterprise Controls

For Enterprise subscriptions, admins can override settings:

Admin SettingDescription
Auto-Run ControlsEnable/disable user auto-run settings
Sandboxing ModeForce sandbox for all users
Sandbox NetworkingControl network access
Terminal Command AllowlistOrganization-wide allowlist
Enable Run EverythingAllow users to enable full trust

Configure at: cursor.com/dashboard → Settings → Auto-Run


Verification Checklist

  • [ ] Auto-Run mode configured appropriately
  • [ ] Sandbox works (macOS) - commands run automatically
  • [ ] Command approval prompt appears when needed
  • [ ] Can add commands to allowlist
  • [ ] Network access setting works as expected
  • [ ] Protection settings enabled for sensitive operations

Troubleshooting

IssueSolution
Commands always askingCheck auto-run mode setting
Sandbox failingVerify macOS, check permissions
Network commands blockedEnable network access in settings
Output formatting brokenDisable shell theme for Agent
Git push failingEnable both Git Writes and Network

See Also

Built with VitePress | Powered by Claude AI