Security audit
Cursor CLI
Security checks across malware telemetry and agentic risk
Overview
The plugin is transparent about being a Cursor Agent bridge, but its default mode can let Cursor Agent edit files or run shell commands without per-action approval.
Install this only if you intend to delegate model calls to Cursor Agent. For safest provider-only use, configure mode:"ask" and allowTools:false before using it; enable sandboxing or plan mode for less-trusted workspaces, verify the active Cursor account, and start fresh sessions for sensitive tasks.
VirusTotal
62/62 vendors flagged this plugin as clean.
Static analysis
No suspicious patterns detected.
