Cursor - Security critique of an AI agent incident caused

Security critique of an AI agent incident caused by overly permissive token scoping in production environments, framed as a permissions/operational security lesson rather than an AI safety concern.

Updated: 4/28/2026
Severity: critical
Status: active

Description

@disclosetv Oh look another ‘AI agent went rogue’ narrative. This is a permissions lesson, not a sci-fi story. Simply, this was a vibe coder who thought they were a dev. They handed a Cursor agent (Claude Opus 4.6) a broadly scoped Railway token with delete permissions on production… and

Impact

Security critique of an AI agent incident caused by overly permissive token scoping in production environments, framed as a permissions/operational security lesson rather than an AI safety concern.

Attack Vectors

Mitigation

Sources