FilterHN

Reverse Engineering Cursor's LLM Client

61 points

by paulwarren

11 hours ago

| past

| 3 comments

| tensorzero.com

| HN

▲

notpushkin

50 seconds ago

[-]

Hmm, now that we have the prompts, would it be possible to reimplement Cursor servers and have a fully local (ahem pirated) version?

▲

robkop

1 hour ago

[-]

There is much missing from this prompt, tool call descriptors is the most obvious. See for yourself using even a year old jailbreak [1]. There’s some great ideas in how they’ve setup other pieces such as cursor rules.

[1]: https://gist.github.com/lucasmrdt/4215e483257e1d81e44842eddb...

▲

GabrielBianconi

3 minutes ago

[-]

They use different prompts depending on the action you're taking. We provided just a sample because our ultimate goal here is to start A/B testing models, optimizing prompts + models, etc. We provide the code to reproduce our work so you can see other prompts!

The Gist you shared is a good resource too though!

▲

ericrallen

59 minutes ago

[-]

Maybe there is some optimization logic that only appends tool details that are required for the user’s query?

I’m sure they are trying to slash tokens where they can, and removing potentially irrelevant tool descriptors seems like low-hanging fruit to reduce token consumption.

▲

vrm

23 minutes ago

[-]

I definitely see different prompts based on what I'm doing in the app. As we mentioned there are different prompts for if you're asking questions, doing Cmd-K edits, working in the shell, etc. I'd also imagine that they customize the prompt by model (unobserved here, but we can also customize per-model using TensorZero and A/B test).

▲

CafeRacer

5 hours ago

[-]

Soooo.... wireshark is no longer available or something?

▲

vrm

2 hours ago

[-]

wireshark would work for seeing the requests from the desktop app to Cursor’s servers (which make the actual LLM requests). But if you’re interested in what the actual requests to LLMs look like from Cursor’s servers you have to set something like this up. Plus, this lets us modify the request and A/B test variations!

▲

stavros

48 minutes ago

[-]

Sorry, can you explain this a bit more? Either you're putting something between your desktop to the server (in which case Wireshark would work) or you're putting something between Cursor's infrastructure and their LLM provider, in which case, how?

▲

vrm

25 minutes ago

[-]

we're doing the latter! Cursor lets you configure the OpenAI base URL so we were able to have Cursor call Ngrok -> Nginx (for auth) -> TensorZero -> LLMs. We explain in detail in the blog post.

▲

stavros

13 minutes ago

[-]

Ah OK, I saw that, but I thought that was the desktop client hitting the endpoint, not the server. Thanks!

▲

Maxious

2 hours ago

[-]

The article literally says at the end this was just the first post about looking before getting into actually changing the responses.

(that being said, mitmproxy has gotten pretty good for just looking lately https://docs.mitmproxy.org/stable/concepts/modes/#local-capt... )