Static Analyzer to Audit Security of .cursorrules
The author built a tool called AgentFend to statically analyze Cursor prompts and scripts for security issues before running them, such as data exfiltration, prompt injections, and sensitive file access.
Why it matters
Helps users stay safe when using 3rd-party Cursor prompts and scripts by identifying potential security risks.
Key Points
- 1Concerns about security of running untrusted 3rd-party .cursorrules and AI scripts
- 2AgentFend uses a static analysis engine called Onyx to scan prompts and scripts
- 3Detects data exfiltration, prompt injections, and sensitive file access attempts
- 4Assigns a security score (0-100) and explains why a script might be sketchy
Details
The author has been using Cursor heavily and grabbing .cursorrules and AI scripts from various sources to boost productivity. However, this started feeling like a security black box, as these untrusted 3rd-party instructions have full access to the user's source code, terminal, and .env files. To address this, the author built a tool called AgentFend that uses a static analysis engine called Onyx to scan prompts and scripts before running them. The tool currently detects data exfiltration attempts, prompt injections that try to override safety guardrails, and access to sensitive files like .aws or .ssh folders. AgentFend assigns a security score (0-100) and explains why a script might be sketchy. The author is looking for feedback on whether the static analysis approach is enough or if runtime sandboxing should also be considered, as well as additional 'red flags' that could be added to the Onyx engine.
No comments yet
Be the first to comment