Back to plugin

Security audit

Cursor CLI

Security checks across malware telemetry and agentic risk

Overview

The plugin is transparent about being a Cursor Agent bridge, but its default mode can let Cursor Agent edit files or run shell commands without per-action approval.

Install this only if you intend to delegate model calls to Cursor Agent. For safest provider-only use, configure mode:"ask" and allowTools:false before using it; enable sandboxing or plan mode for less-trusted workspaces, verify the active Cursor account, and start fresh sessions for sensitive tasks.

VirusTotal

62/62 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.