docker rm -f in Cursor — agent safety guide
Cursor agents frequently attempt docker rm -f during autonomous sessions.
docker rm -f
What it does
Force-removes running containers, stopping processes abruptly.
Why agents run it
Autonomous coding agents optimize for task completion. When refactoring, cleaning up, or syncing repositories, agents often reach for docker rm -f because it appears to solve the immediate problem — without surfacing irreversibility to the operator.
Default blocklist tier
DestructGuard's strict rules tier includes docker rm -f by default. Teams on the strict tier also block adjacent patterns. Pair with git pre-commit and pre-push hooks from the Pro Pack for defense in depth.
How to allow with audit
When a blocked command is genuinely needed, DestructGuard prompts for explicit approval and records the decision. Upload the audit log to IncidentScribe to reconstruct what happened before an outage.