This repository contains a comprehensive set of Cursor rules and documentation templates designed to enforce security, compliance, and best practices across your development projects.
- 00-global-conventions.mdc - Global coding philosophies & general behavior
- 01-security.mdc - Security-by-design rules (OWASP ASVS aware)
- 01a-security-owasp-asvs.mdc - OWASP ASVS-aligned security checklist
- 02-planning.mdc - Planning-first development philosophy
- 03-architecture.mdc - Architectural standards
- 04-php.mdc - PHP (Laravel/Symfony/Modular) rules
- 05-sql.mdc - SQL rules for MySQL and PostgreSQL
- 06-frontend.mdc - HTML/CSS/JS/TS standards
- 07-python.mdc - Python rules
- 08-c_cpp.mdc - C/C++ rules
- 09-dotnet.mdc - .NET rules
- 10-testing.mdc - Testing rules
- 11-documentation.mdc - Documentation rules
- 12-interaction.mdc - Interaction & question-asking behavior
- 13-output-format.mdc - Output format rules
- 14-compliance.mdc - Compliance awareness rules
- Security guides and checklists (OWASP ASVS, PCI-DSS, HIPAA, GDPR)
- Threat modeling templates (STRIDE, LINDDUN)
- Architecture and data flow documentation
- Compliance matrices and risk registers
- Privacy and encryption policies
To use these rules and documentation in your projects, you'll need to:
- Clone or download this repository to a location on your system (e.g.,
~/cursorRulesor~/cursorExtra) - Add the user rule to your Cursor settings (see below)
- Create the commands in Cursor (see below)
- Customize the paths in the commands to point to your repository location
Add this rule to your Cursor user rules (.cursorrules file in your home directory or Cursor settings):
---
description: Simple bootstrap reminder. Always ask if the user wants to run /copyrules and /copydocumentation at the start of a project or planning session. Do not block, pause, or intercept commands.
alwaysApply: true
---
# Simple Bootstrap Initialization Rule
At the beginning of **every new project**, and at the start of **every planning session** (including Plan Mode), Cursor should display this reminder BEFORE producing any plan or architectural output:
> "Would you like to run the user commands `/copyrules` and `/copydocumentation` to install the standard rule pack and initial documentation into this project?"
After asking, Cursor should **continue normally** unless the user explicitly responds.
### Behavior Requirements
- ✔ Always ask the question at project start
- ✔ Always ask before generating a plan in Plan Mode
- ✔ Do NOT block planning
- ✔ Do NOT pause execution
- ✔ Do NOT wait for confirmation
- ✔ Do NOT prevent the user from continuing
- ✔ Do NOT attempt to run any commands automatically
- ✔ Let the user run the commands manually
- ✔ If the user runs the commands, Cursor proceeds naturally
### Trigger Conditions
Cursor should ask the bootstrap question when:
- A new project is opened
- A project has no `.cursor/rules` folder
- A project has no `Documentation/` folder
- The user begins planning (typing "plan", "architecture", "init", etc.)
- Plan Mode is activated
### Non-Intrusive Constraint
This rule **MUST NOT** halt, block, or delay the user or Cursor.
It should behave like a light reminder only.Create these commands in Cursor to quickly copy rules and documentation to your projects.
File: Create as .cursor/commands/copydocumentation.md in your Cursor settings directory, or add via Cursor's command settings.
# copydocumentation
Write your command content here.
mkdir ./Documentation
cp -R ~/cursorExtra/Documentation/* ./Documentation/
This command will be available in chat with /copydocumentationImportant: Replace ~/cursorExtra/Documentation/* with the path to your cloned repository's Documentation folder. For example:
- If you cloned to
~/cursorRules, use:cp -R ~/cursorRules/Documentation/* ./Documentation/ - If you cloned to
~/Documents/cursorRules, use:cp -R ~/Documents/cursorRules/Documentation/* ./Documentation/
File: Create as .cursor/commands/copyrules.md in your Cursor settings directory, or add via Cursor's command settings.
# copyrules
Write your command content here.
mkdir ./.cursor
mkdir ./.cursor/rules
cp -R ~/cursorExtra/Rules/* ./.cursor/rules/
This command will be available in chat with /copyrulesImportant: Replace ~/cursorExtra/Rules/* with the path to your cloned repository's Rules folder. For example:
- If you cloned to
~/cursorRules, use:cp -R ~/cursorRules/.cursor/rules/* ./.cursor/rules/ - If you cloned to
~/Documents/cursorRules, use:cp -R ~/Documents/cursorRules/.cursor/rules/* ./.cursor/rules/
Choose a location on your system where you want to store this repository:
git clone <repository-url> ~/cursorRules
# or download and extract to your preferred location- Open Cursor settings
- Navigate to Rules or find your
.cursorrulesfile - Add the Bootstrap Initialization Rule (see section above)
- Save the changes
- Open Cursor settings
- Navigate to Commands
- Create a new command for
/copydocumentation:- Use the command definition above
- Replace
~/cursorExtra/Documentation/*with your actual repository path (e.g.,~/cursorRules/Documentation/*)
- Create a new command for
/copyrules:- Use the command definition above
- Replace
~/cursorExtra/Rules/*with your actual repository path (e.g.,~/cursorRules/.cursor/rules/*)
- Save both commands
When starting a new project or planning session:
- Cursor will automatically ask if you want to run
/copyrulesand/copydocumentation - Type
/copyrulesto copy all rule files to your project's.cursor/rules/directory - Type
/copydocumentationto copy all documentation files to your project'sDocumentation/directory - The rules will be automatically applied by Cursor
- The documentation will be available in your project for reference
After running the commands, your project will have:
your-project/
├── .cursor/
│ └── rules/
│ ├── 00-global-conventions.mdc
│ ├── 01-security.mdc
│ ├── 01a-security-owasp-asvs.mdc
│ ├── 02-planning.mdc
│ ├── 03-architecture.mdc
│ ├── 04-php.mdc
│ ├── 05-sql.mdc
│ ├── 06-frontend.mdc
│ ├── 07-python.mdc
│ ├── 08-c_cpp.mdc
│ ├── 09-dotnet.mdc
│ ├── 10-testing.mdc
│ ├── 11-documentation.mdc
│ ├── 12-interaction.mdc
│ ├── 13-output-format.mdc
│ └── 14-compliance.mdc
└── Documentation/
├── api-hardening-guide.md
├── architecture-overview.md
├── asvs-checklist.md
├── compliance-matrix.md
├── data-classification.md
├── data-flow-diagram.md
├── encryption-policy.md
├── gdpr-checklist.md
├── hipaa-checklist.md
├── linddun-privacy-model-template.md
├── logging-policy.md
├── pci-checklist.md
├── PHI-or-PCI-handling.md
├── privacy-requirements.md
├── risk-register.md
├── security-model.md
├── security-requirements.md
├── stride-threat-model-template.md
├── system-boundaries.md
└── threat-model.md
When creating the commands, make sure to update the source paths to match where you cloned this repository:
For /copydocumentation:
- Default:
~/cursorExtra/Documentation/* - Update to:
~/your-path/cursorRules/Documentation/*(or wherever you placed the repo)
For /copyrules:
- Default:
~/cursorExtra/Rules/* - Update to:
~/your-path/cursorRules/.cursor/rules/*(or wherever you placed the repo)
After copying the rules, you can:
- Add project-specific rules in
.cursor/rules/with higher priority numbers - Modify existing rules to fit your project's needs
- Create language-specific or framework-specific rule files
This is a template repository. Feel free to:
- Fork and customize for your organization
- Add additional rules and documentation
- Share improvements back to the community
This project is licensed under the MIT License - see the LICENSE file for details.
You can also view the license online at mit-license.org or generate a personalized version using the mit-license service.
For issues or questions, please open an issue or refer to the documentation in the Documentation/ folder.
I'm still evaluating the usage of this rules
- Requires Optimization
- Requires Usability testing
- Requires Effectiveness testing