▲ 10 r/threejs

Magic

fun with some mls-mpm customizations. Pressure adds size, while azimuth and spin define polarization and intensity.

u/Small-Paint8980 — 15 days ago
▲ 88 r/threejs

Working on water V.II

work in progress. Lots wrong, but making progress. hardest thing is getting accurate breaker bar wave interaction(the longshore sand bump in water that causes the waves to break).
100+ fps on a 1050ti.

Added a "just-in-time" mls-mpm particle system that im working on. Still in particle only mode not connective liquid aesthetic.

u/Small-Paint8980 — 23 days ago

Codex extension in cursor is silently using the instructions and rules and mcp servers that are setup on my codex CLI. Even though the settings in Codex extension show none of them, and the Agent itself had no ability to diagnose and figure out why it was using such tools, it incorrectly stated it was an issue with cursor IDE and even after repeatedly asking it to check if it was an issue coming from Codex CLI it dismissed me 3 times before finally looking into it and indeed finding it was the issue.

reddit.com
u/Small-Paint8980 — 2 months ago
▲ 1 r/cursor

Summary

A previously removed or no-longer-visible connector was still exposed to Cursor as live callable MCP tools. The connector was not present in active user settings or project configuration, but its cached tool manifest was still loaded into the session.

This means Cursor can receive hidden/stale tool availability that the user cannot see or manage from the visible settings UI.

Impact

This is a serious provenance and safety issue.

A stale connector can continue influencing tool availability and model behavior after the user believes it has been removed. In this case, cached tool metadata included behavioral instruction text that competed with the current project’s instructions.

This breaks user trust because the visible settings do not reflect the actual tools made available to the model.

Expected Behavior

If a connector is not present in active settings or active project configuration, it must not be exposed to the model as callable tools.

Tool availability should only come from visible, current, user-authorized configuration.

Cached connector metadata should be invalidated when a connector is removed, disabled, or no longer visible in settings.

Actual Behavior

Active user settings showed no such connector.

Active project configuration showed no such connector.

However, Cursor still exposed tools from a cached app-connector manifest under the local Cursor cache directory.

The stale connector appeared in the model’s available tool namespace as live MCP/app tools despite not being visible in settings.

Reproduction Pattern

  1. Previously install or authorize a connector.
  2. Later remove or stop showing that connector in active settings/project configuration.
  3. Start a new Cursor session.
  4. Observe that the connector’s cached tool definitions may still be exposed to the model as callable tools.
  5. The model can call those stale tools even though the user does not see the connector in settings.

Evidence Pattern

The stale connector was absent from:

active user config
active project config
visible connector settings

But present in a cached tool manifest under:

~/.cursor/cache/cursor_apps_tools/

That cached manifest contained tool definitions and tool descriptions, which were injected into the active session.

Security/Safety Concerns

This can cause:

hidden tool availability
stale connector access
unexpected capability exposure
conflicting hidden tool instructions
incorrect provenance
project policy bypass
user trust failure

A model should never receive hidden stale tools that the user cannot see in settings.

Requested Fix

  1. Invalidate cached connector tool manifests when connectors are removed or disabled.
  2. Do not expose tools from connector cache unless backed by active visible configuration.
  3. Add a user-visible “active tools for this session” panel.
  4. Show source provenance for every available tool namespace.
  5. Prevent cached tool descriptions from injecting behavioral instructions unless the connector is actively authorized.
  6. Add a command/UI button to purge connector/tool cache.
  7. Warn at startup if cached tools differ from visible active configuration.

Severity

Critical.

This is hidden stale tool injection from cache/state outside visible user configuration.

reddit.com
u/Small-Paint8980 — 2 months ago