AI Is Smarter Than You Might Expect

When you enjoy the benefits of AI, please keep an eye on what it is doing. The way AI tries to reach the goal may not be what you wanted.

I built a Database MCP service to help AI agents (Cursor, Claude Code, Codex) access various relational databases. I use it as a barrier to protect my database, because it will trigger a review if AI tries to execute dangerous SQL.

But today, I trapped Cursor to get the database password from my MCP service. I did this because when I use Cursor, it often tries to bypass the MCP service whenever it isn’t working.

I also tested Claude Code and Codex, they did a better job.

Cursor

Claude Code

It requests user’s approval to access external files, but if you did (or approved for all), it will show the password with no doubt.

OpenAI Codex

This is the most honest and trustworthy guy! In Chinese there is a joke 打死我也不说 (I’d rather die than say it).

Release Note

Thank you for read to the end, there is a surprise for you. I already upgraded my MCP service to encrypt database configuration. Please download the latest release of both versions:

https://github.com/kjstart/cursor_db_mcp

https://github.com/kjstart/cursor_oracle_mcp_server