Cursor Review Rules — four review-style presets

Cursor Review Rules is a free, MIT-licensed drop-in pack of .cursorrules files that turn Cursor's chat into a focused code reviewer.

Drop one file into your project root, ask Cursor "review the current PR", and you get findings with severity, file:line citations, and a verdict line — not generic "looks good!"

What's inside:

• security.cursorrules — auth/authz, input validation, secrets, injection
• performance.cursorrules — N+1, hot-path allocations, unbounded work
• tests.cursorrules — coverage gaps, weak assertions, missing edge cases
• architecture.cursorrules — boundary drift, premature abstraction, coupling
• WORKFLOW.md — when to run which, how to chain them

The kind of bug this catches that a generic Cursor review misses:

A refactor extracts a reduce() into a helper. Three-line diff, looks safe. Two lines below the diff hunk is .customer.email.toLowerCase() on a typed-nullable customer. Latent null-deref reachable on the next bad input. The security and architecture rules force the model to look at the full file, not just the diff. Reproducible side-by-side: github.com/Lucas2944/prpack/tree/main/examples/invoice-refactor

Free or pay-what-you-want. The CLI ecosystem this came from is and stays MIT-licensed and free. If $5 of value lands, $5 is appreciated.

Install: Unzip, copy the .cursorrules file matching the angle you want into your project root. Cursor picks it up automatically.

Related, also free:

• prpack — the companion CLI. Packs a PR's diff plus the full post-change file content into one markdown file. Use these .cursorrules with prpack's output for the best results.
• prpack-prompts — same four review angles as plain markdown prompts. Works with any LLM, with or without Cursor.
• prpack-action — runs prpack on every PR via GitHub Actions.