WEBVTT

00:01.960 --> 00:07.400
You probably observed that the agent has absolutely no problem creating files, adding content to them,

00:07.400 --> 00:11.640
making changes and so on, but doesn't actually want to run any commands.

00:11.640 --> 00:15.720
So we had to manually go and click here on run to execute these commands.

00:16.080 --> 00:22.320
And this is more of a safety feature than necessarily something that the agent cannot do.

00:22.320 --> 00:24.120
And this is actually configured in settings.

00:24.120 --> 00:30.400
And I want to briefly show you how you can enable pretty much the auto-run mode, which will allow the

00:30.400 --> 00:34.000
agent to run any commands it thinks should be executed.

00:34.040 --> 00:39.240
Now be aware this has some safety implications, but we're gonna try to understand exactly how we can

00:39.240 --> 00:40.120
make this safer.

00:40.360 --> 00:43.080
So all you need to do is locate here the settings.

00:44.120 --> 00:50.360
And we're going to go here to Cursor settings because that's where this particular setting is hidden.

00:50.680 --> 00:52.480
I'm going to go here to Features.

00:53.240 --> 00:55.000
And I'm going to scroll a bit further down.

00:55.000 --> 01:00.880
And what we're going to see here is one important feature which is regarding the default chat modes.

01:00.880 --> 01:06.560
If you find yourself switching from chat to agent all the time, just set it here to Agent so that

01:06.600 --> 01:08.560
you're not going to have that particular issue.

01:09.120 --> 01:16.560
Now, going to the problem that we're actually trying to solve: it's right about here, where it says enable

01:16.600 --> 01:18.200
auto-run mode.

01:18.720 --> 01:22.250
And we're going to enable this, but we're going to read here.

01:22.250 --> 01:27.810
So auto-run mode runs any commands based on the allow list and deny list.

01:27.850 --> 01:33.930
It says be cautious of potential prompt injection risks from external sources and use at your own risk.

01:33.970 --> 01:40.410
Meaning that if you put here some prompt that someone else has created and you're saying, yeah, fine,

01:40.410 --> 01:45.050
run whatever you want, you're exposing yourself to some security risk.

01:45.170 --> 01:49.890
Typically, if you know exactly what is inside your prompt, that shouldn't be an issue.

01:50.250 --> 01:56.570
Now ideally, what we want to do is to add here some specific commands to the allow list.

01:56.570 --> 02:01.130
So this narrows down a bit what is allowed and what is denied.

02:01.330 --> 02:09.210
So for example we can add here npm to this list and any other commands that we think should be executed.

02:09.450 --> 02:11.690
Just be very careful with this feature.

02:11.690 --> 02:18.170
It is very convenient to have the agent run everything, but if someone is trying to steal some credentials

02:18.170 --> 02:22.290
and is providing you with a prompt and saying, hey, here's this amazing prompt, and somewhere in

02:22.290 --> 02:24.810
the prompt it says, hey, make sure you execute this command.

02:25.130 --> 02:30.730
Then of course the agent is going to go ahead and execute those commands because these were the instructions.

02:30.770 --> 02:36.370
But anyway, this is how you can configure the auto-run mode, which is very, very convenient.
