Cursor

Security checks across malware telemetry and agentic risk

Overview

This is a Cursor guidance skill that discloses its sensitive workflows and asks for user approval before higher-trust actions.

Safe to install as a guidance skill, but only approve Cursor indexing, Background Agents, GitHub write access, remote MCP, and unattended cursor-agent runs for clearly scoped repos and tasks, and review outputs before applying or merging changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 81%
Finding
The setup text defines activation using broad triggers such as "whenever Cursor... comes up" and "jump in proactively," which can cause the skill to engage outside the user's intended scope. In a security-sensitive assistant context, overbroad activation increases the chance of unintended advice, context capture, or persistence prompts in workflows where the skill is not appropriate.

VirusTotal

66/66 vendors flagged this skill as clean.
