Run commands inside a sandbox
permissions & sandbox
// what it does
--sandbox enabled|disabled sets whether shell commands run in an isolated sandbox; /sandbox opens an interactive menu to toggle the mode and network access, and the setting persists across sessions. When a command genuinely needs elevation, the CLI shows a masked sudo prompt whose password goes straight to sudo — the model never sees it.
// shell
$ cursor-agent --sandbox enabled "run the build"$ /sandbox// gotcha
With --sandbox disabled, commands run directly on your machine with no isolation. Pairing that with --force gives the agent unrestricted local shell, so keep the sandbox enabled for anything you have not fully allow-listed.