# Cursor IDE Permission Settings Guide

**Last Updated:** 2026-01-20

Complete guide for configuring Cursor IDE to reduce approval prompts and understand which files require manual approval.

## Overview

Cursor IDE has built-in security protections that require manual approval for editing certain sensitive files, even when Auto-Run Mode is enabled. This guide explains how to configure Cursor to minimize approval prompts while understanding the limitations.

## Why Files Require Approval

Cursor IDE protects certain file types to prevent accidental modifications:

1. **Dotfiles** (`.htaccess`, `.gitignore`, `.cursorignore`) - Configuration files
2. **Workspace configuration files** - Settings that affect the entire workspace
3. **External files** - Files outside the workspace root
4. **Cursor rule files** (`.cursor/rules/*.mdc`, `METADATA_INDEX.json`) - AI agent configuration

These protections **cannot be fully disabled** - they are core security features of Cursor IDE.

## Configuration Steps

### Step 1: Enable Auto-Run Mode

1. Open Cursor Settings: `Cmd+,` (Mac) or `Ctrl+,` (Windows/Linux)
2. Navigate to **Chat** → **Auto-Run Mode**
3. Select **"Run Everything (Unsandboxed)"**

This reduces prompts for most files but **does not bypass** dotfile/config file protections.

### Step 2: Disable Dotfile Protection (Optional)

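**Warning:** This reduces security: with these protections off, the agent is no longer prompted before most edits to dotfiles and, if External File Protection is also disabled, to files outside the workspace root. Only disable them if you trust the AI agent completely.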

1. Open Cursor Settings
2. Navigate to **Chat** → **Agent Security**
3. Disable **"Dotfile Protection"**
4. Disable **"External File Protection"** (if needed)

**Note:** Even with these disabled, some files may still require approval due to Cursor's internal security checks.

### Step 3: Understand Limitations

Even with the most permissive settings:

- **`.htaccess`** - Will always require approval (server configuration)
- **`.cursorignore`** - Will always require approval (Cursor configuration)
- **`.gitignore`** - Will usually require approval (Git configuration)
- **`.cursor/rules/*.mdc`** - May require approval (AI agent rules)
- **`METADATA_INDEX.json`** - May require approval (rule index)

## Files That Always Require Approval

These files **cannot** bypass approval prompts (entries marked "sometimes" are prompted only in some cases):

### Configuration Files

- `.htaccess` - Apache server configuration
- `.gitignore` - Git ignore patterns
- `.cursorignore` - Cursor indexing patterns
- `.cursorrules` - Legacy Cursor rules
- `package.json` - Node.js dependencies (sometimes)
- `composer.json` - PHP dependencies (sometimes)

### Cursor Rule Files

- `.cursor/rules/*.mdc` - Cursor rule definitions
- `.cursor/rules/METADATA_INDEX.json` - Rule metadata index
- `.cursor/rules/README.md` - Rule documentation

### Workspace Settings

- `.vscode/settings.json` - VS Code/Cursor settings
- `.idea/` - IntelliJ IDEA settings (if present)

## Workaround: Manual Approval Workflow

Since some files always require approval:

1. **Review proposed changes** - Cursor shows a diff before applying
2. **Approve when ready** - Click "Accept" or use keyboard shortcut
3. **Batch approvals** - Cursor may group multiple file edits

### Keyboard Shortcuts

- **Accept changes**: `Cmd+Enter` (Mac) or `Ctrl+Enter` (Windows/Linux)
- **Reject changes**: `Esc` or click "Reject"

## Best Practices

### For Development

1. **Keep Auto-Run Mode enabled** - Reduces prompts for code files
2. **Review config file changes** - Always review `.htaccess`, `.gitignore` changes
3. **Use version control** - Git helps track and revert changes
4. **Test changes locally** - Verify config changes before deploying
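
The review and version-control practices above can be backed by a Git pre-commit hook that stops a commit touching files from this guide's protected lists, whether the edit came through an approval prompt or a terminal command. This is an added example, not part of Cursor or the original guide; the patterns are copied from the lists in this guide and `ALLOW_PROTECTED_EDITS` is a hypothetical override variable.

```shell
#!/bin/sh
# Added example: pre-commit check for the files this guide lists as protected.
# Install by saving as .git/hooks/pre-commit and making it executable.

# Succeeds (returns 0) when the path matches one of the guide's protected patterns.
# In a case pattern "*" also matches "/", so "*/.htaccess" covers any depth.
is_protected() {
    case "$1" in
        .htaccess|*/.htaccess)          return 0 ;;
        .gitignore|*/.gitignore)        return 0 ;;
        .cursorignore|*/.cursorignore)  return 0 ;;
        .cursorrules)                   return 0 ;;
        .cursor/rules/*.mdc)            return 0 ;;
        .cursor/rules/METADATA_INDEX.json|.cursor/rules/README.md) return 0 ;;
        .vscode/settings.json|.idea/*)  return 0 ;;
        package.json|composer.json)     return 0 ;;
    esac
    return 1
}

# Reads newline-separated paths on stdin and prints only the protected ones.
filter_protected() {
    while IFS= read -r path; do
        if is_protected "$path"; then printf '%s\n' "$path"; fi
    done
}

# Fails when the staged changes include a protected file, unless the
# hypothetical ALLOW_PROTECTED_EDITS=1 is set after a manual review.
# Paths git has to quote (control characters, quotes) are not matched.
check_staged() {
    hits=$(git -c core.quotePath=false diff --cached --name-only | filter_protected)
    [ -z "$hits" ] && return 0
    [ "${ALLOW_PROTECTED_EDITS:-0}" = "1" ] && return 0
    echo "Protected configuration files are staged; review the diff first:" >&2
    printf '%s\n' "$hits" | sed 's/^/  /' >&2
    echo "Re-run with ALLOW_PROTECTED_EDITS=1 once reviewed." >&2
    return 1
}

# Run the check only when invoked as the hook itself.
case "$0" in
    */pre-commit|pre-commit) check_staged ;;
esac
```
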

### For AI Agents

1. **Plan config changes** - Document why changes are needed
2. **Provide context** - Explain the purpose of config edits
3. **Review diffs carefully** - Check proposed changes match intent
4. **Test after approval** - Verify changes work as expected

## Troubleshooting

### Issue: Still Getting Prompts After Disabling Protection

**Solution:** Some files are protected by Cursor's core security. This is expected behavior for:
- `.htaccess` files
- `.cursorignore` files
- Workspace configuration files

### Issue: Agent Gets "Stuck" Waiting for Approval

**Solution:** This is normal behavior. The agent pauses and waits for manual approval. You can:
1. Review the proposed changes
2. Approve if correct
3. Reject and provide feedback if incorrect

### Issue: Want to Edit Config Files Without Prompts

**Solution:** This is not possible due to Cursor's security model. However, you can:
1. Edit files directly in the editor (bypasses agent)
2. Use terminal commands (`sed`, `awk`, etc.)
3. Create scripts that modify config files

## Related Documentation

- [Cursor Documentation: Agent Security](https://docs.cursor.com/en/account/agent-security)
- [Cursor Documentation: Ignore Files](https://docs.cursor.com/en/context/ignore-files)
- [Cursor Rules Maintenance Guide](CURSOR_RULES_MAINTENANCE.md)
- [Cursor Indexing Setup](../development/CURSOR_INDEXING_SETUP.md)

## Summary

- **Auto-Run Mode** reduces prompts but doesn't eliminate them
- **Dotfile Protection** can be disabled but some files still require approval
- **Config files** (`.htaccess`, `.cursorignore`, etc.) will always require approval
- **This is by design** - Cursor protects sensitive configuration files
- **Manual approval** is required for protected files - this is expected behavior

**Remember:** The approval prompts are a security feature, not a bug. They help prevent accidental modifications to critical configuration files.
