> And it's also true that this would have been avoided by executing in a sandbox.

Until someone runs `cursor ~/.where_i_store_a_bunch_of_secrets` or maybe even `cursor ~/.bashrc`