From cursor-pack
Provides solutions to Cursor IDE pitfalls including AI Composer errors, context overflow, security gotchas, configuration issues, and team workflow problems.
npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin cursor-packThis skill is limited to using the following tools:
Common Cursor IDE pitfalls and their solutions. Organized by category: AI behavior, security, configuration, performance, and team collaboration.
references/ai-feature-pitfalls.mdreferences/completion-pitfalls.mdreferences/configuration-pitfalls.mdreferences/errors.mdreferences/examples.mdreferences/performance-pitfalls.mdreferences/recovery-strategies.mdreferences/security-pitfalls.mdreferences/team-pitfalls.mdreferences/workflow-pitfalls.mdProvides production readiness checklist for Cursor IDE: authentication, security rules, indexing config, privacy settings, and team standards.
Provides expert guidance on Cursor AI IDE features like .cursorrules files, Plan Mode, Background Agents, context management, and model selection for AI-assisted coding productivity.
Generates tailored rules and instruction files for 13+ AI coding agents like Claude Code, Cursor, Windsurf, Copilot via interactive questionnaire for scopes and workflows.
Share bugs, ideas, or general feedback.
Common Cursor IDE pitfalls and their solutions. Organized by category: AI behavior, security, configuration, performance, and team collaboration.
Problem: Clicking "Apply All" without reviewing diffs. Composer can generate code with wrong imports, hallucinated APIs, or logic errors.
Solution:
1. Click each file in the Changes panel to review its diff
2. Check imports: are they real packages in your project?
3. Check function calls: do the methods actually exist?
4. Run build after applying: npm run build
5. Run tests: npm test
6. Commit BEFORE running Composer (easy rollback with git checkout .)
Problem: Adding too many @Files, @Folders, and @Codebase references. The model silently drops information, leading to:
Solution:
- Use @Files (specific) over @Folders (broad) over @Codebase (broadest)
- Limit to 3-5 file references per prompt
- Start new chats for new topics
- Remove stale context pills by clicking X
Problem: Reusing a 20+ turn conversation for a new task. The conversation history fills context, leaving no room for your new request.
Solution: Cmd+N to start a new chat for each distinct task.
Problem: AI uses old APIs (React class components, Express 4 syntax, CommonJS require).
Solution: Pin versions in project rules:
# .cursor/rules/stack.mdc
---
description: "Tech stack versions"
globs: ""
alwaysApply: true
---
ALWAYS use these versions:
- React 19 with Server Components (NOT class components)
- Next.js 15 App Router (NOT Pages Router)
- TypeScript 5.7 strict (NOT any casts)
- ESM imports (NOT CommonJS require)
Problem: Tab suggests text you do not want, and you accidentally accept it while pressing Tab for indentation.
Solution:
Esc to dismiss before pressing Tab for indentationCmd+K Cmd+S > search acceptCursorTabSuggestion > assign different keyProblem: Copying an error message that includes an API key, database URL, or token and pasting it into Chat.
Solution:
NEVER paste:
- .env file contents
- Error logs containing credentials
- Database connection strings
- API response headers with auth tokens
INSTEAD:
- Redact secrets before pasting: "API key sk-...XXXX returned 401"
- Describe the error without the sensitive values
- Use @Files to reference the code, not copy-paste
Problem: Without .cursorignore, sensitive files (.env, credentials, PII) may be included in AI context via @Codebase search or automatic context.
Solution: Create .cursorignore in every project:
.env*
**/secrets/
**/credentials/
**/*.pem
**/*.key
Problem: Without Privacy Mode, code may be retained by model providers for training.
Solution:
Cursor Settings > General > Privacy Mode > ONProblem: AI generates authentication, encryption, or authorization code that looks correct but has subtle vulnerabilities (timing attacks, SQL injection via string concatenation, missing CSRF protection).
Solution:
- Security-critical code ALWAYS needs human expert review
- Run SAST tools (Semgrep, Snyk) on AI-generated code
- Never deploy AI-generated auth code without penetration testing
- Add security rules in .cursor/rules/security.mdc
Problem: Without .cursor/rules/, the AI generates code without knowing your conventions, stack, or patterns. Result: inconsistent code that does not match your project.
Solution: Create at minimum:
project.mdc (stack, conventions, alwaysApply: true)security.mdc (security constraints, alwaysApply: true)Problem: Multiple .mdc rules with contradictory instructions (one says "use classes", another says "use functions").
Solution:
@Cursor Rules in Chat to see which rules are active for a given fileProblem: GitHub Copilot + Cursor Tab both enabled. Double ghost text, conflicting suggestions, UI glitches.
Solution: Disable all other inline completion extensions:
Only one inline completion provider should be active.
Problem: Opening a monorepo root with 200K files. Indexing takes hours, @Codebase returns noise, editor is sluggish.
Solution: Open specific packages: cursor packages/api/
Problem: Cursor watches every file for changes, including node_modules/, dist/, and .git/objects/. Causes high CPU and memory.
Solution:
// settings.json
{
"files.watcherExclude": {
"**/node_modules/**": true,
"**/.git/objects/**": true,
"**/dist/**": true,
"**/build/**": true
}
}
Problem: Running Cursor for weeks with dozens of open chat tabs. Memory grows, editor slows.
Solution: Close old chat tabs. Start new conversations. Restart Cursor weekly during heavy use.
Problem: .cursor/rules/ not committed to git. Each developer has different (or no) AI behavior rules.
Solution: Commit .cursor/rules/ and .cursorignore to git. PR-review rule changes like any other configuration.
Problem: Developers commit AI-generated code without review. Bugs, wrong patterns, and security issues reach main branch.
Solution:
Problem: Some developers use Opus for everything (consuming quota fast), others use cursor-small (poor quality).
Solution: