Cursor CLI
Security checks across malware telemetry and agentic risk
Overview
This is a small instruction-only skill for using the Cursor CLI, with no hidden installer, persistence, credential harvesting, or unrelated behavior found.
Install this only if you already use and trust Cursor. Use normal shell quoting hygiene for filenames and prompts, prefer explicit ask mode when you only want advice, and avoid sending secrets or sensitive private code unless Cursor's data handling is acceptable to you.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.