ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Coding with Cursor AI

v1.0.0

Execute coding tasks like feature implementation, bug fixes, refactoring, and code reviews using Cursor AI within specified project directories.

0· 18·0 current·0 all-time
byI Gede Rahmat Wijaya@igrwijaya
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implemented behavior: the script invokes a Cursor CLI agent against a specified project directory and creates a task file describing the requested code changes. The included requirements.txt references cursor-agent, which is coherent for a Cursor-based coding skill.
Instruction Scope
SKILL.md and the script both run Cursor against a repository (expected), but there is a gap: SKILL.md recommends verifying edits before committing, yet the script directly runs cursor-agent and does not enforce a verification step or otherwise gate commits. Depending on cursor-agent's behavior this could result in automated commits/PRs without an explicit local review. The skill also defaults to a workspace path in the docs, which may encourage running against user projects.
Install Mechanism
This is an instruction-only skill with no install spec; the only artifact is requirements.txt (cursor-agent) and a bash script. No remote downloads or archive extraction are present in the package itself. The runtime depends on an external cursor-agent binary being present on PATH.
Credentials
No required environment variables are declared, which is reasonable, but the script will export and use CURSOR_API_KEY if present (optional). The skill does not request unrelated secrets or system config. Important operational note: running cursor-agent will send repository contents to Cursor's service (network activity to cursor.com or Cursor's backend) — that is inherent to the stated purpose but worth explicit attention.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges. It does not modify other skills or global agent configuration. It writes temporary task files to /tmp and operates on the specified project path.
Assessment
This skill does what it says: it runs the Cursor CLI against code in a project directory. Before using it, confirm how your installed cursor-agent behaves (does it auto-commit or open an interactive session?). Only run it on repositories you are comfortable sharing with Cursor's service and avoid running it directly on production branches. Consider: (1) testing in a disposable or forked repo and on a feature/dev branch, (2) ensuring no secrets are present in the repo, (3) adding an explicit verification step (or modifying the script) so changes are reviewed before being committed/pushed, and (4) verifying the provenance of the cursor-agent package and the trustworthiness of the Cursor service if you will send private code.

Like a lobster shell, security has layers — review code before you run it.

latestvk974455mvnwc35xbzqp2528cnx854esq
18downloads
0stars
1versions
Updated 3h ago
v1.0.0
MIT-0
I Gede Rahmat Wijaya@igrwijaya
latest
Download

coding-with-cursor-ai

Description

Execute coding tasks using Cursor AI agent for advanced code generation, refactoring, and bug fixes. This skill is designed to handle complex logic changes, feature implementations, and code reviews within the /home/ubuntu/workspace projects.

Usage

Use this skill whenever:

  • Implementing new features
  • Fixing bugs
  • Refactoring code
  • Writing unit tests
  • Performing code reviews

Inputs

  • project: Path to the project root (e.g., /home/ubuntu/workspace/zinner/repo/zinner-webapi)
  • task: Natural language description of the coding task
  • files: Optional list of files to focus on

Execution

The skill spawns a Cursor AI agent session with full access to the project repository. It uses Cursor's advanced reasoning and code editing capabilities to complete the task and commit changes.

Constraints

  • Always verify Cursor's edits before final commit
  • Do not run Cursor on production branches without review
  • Prefer dev or feature branches for automated coding

Example

project: /home/ubuntu/workspace/zinner/repo/zinner-webcms
task: Add Terms and Conditions page with dummy content

Comments

Loading comments...