Run commands inside a sandbox

permissions & sandbox

// what it does

--sandbox enabled|disabled sets whether shell commands run in an isolated sandbox; /sandbox opens an interactive menu to toggle the mode and network access, and the setting persists across sessions. When a command genuinely needs elevation, the CLI shows a masked sudo prompt whose password goes straight to sudo — the model never sees it.

// shell

$ cursor-agent --sandbox enabled "run the build"
$ /sandbox

// gotcha

With --sandbox disabled, commands run directly on your machine with no isolation. Pairing that with --force gives the agent unrestricted local shell, so keep the sandbox enabled for anything you have not fully allow-listed.

// resources