ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cursor CLI Agent

v2.1.0

A comprehensive skill for using the Cursor CLI agent for various software engineering tasks (updated for 2026 features, includes tmux automation guide).

17· 10.4k·86 current·88 all-time
by@swiftlysingh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and SKILL.md content are consistent: this is an instruction-only skill for using the Cursor CLI (installation, interactive/non-interactive usage, tmux automation, MCP/rules). The required/declared metadata requests no unrelated credentials or system access.
!
Instruction Scope
The instructions include step-by-step tmux automation that sends keystrokes (tmux send-keys) to accept prompts (e.g., sending "a" to trust a workspace) and recommends using --force to auto-apply changes. These actions effectively automate interactive confirmations and can enable unattended code changes or acceptance of security prompts — behavior that goes beyond passive guidance and could be abused if run on sensitive projects or by untrusted automation.
!
Install Mechanism
Although there's no formal install spec in the registry, SKILL.md recommends running a remote install script via curl https://cursor.com/install -fsS | bash. Piping a remote script to the shell is common but high-risk because it executes fetched code without a local review. A Homebrew option is provided (safer), but the curl|bash recommendation should be treated with caution and the installer reviewed before execution.
Credentials
The skill declares no required environment variables or credentials. The README/SKILL.md mention an optional CURSOR_API_KEY or browser login for the Cursor CLI — this is proportional and expected for a CLI that can authenticate to a service. No unrelated secrets are requested.
Persistence & Privilege
The skill does not request always: true and contains no install-time hooks in the registry metadata. However, the documentation explicitly shows how to automate the CLI (tmux automation, --force), which increases risk if the agent invoking this skill is allowed autonomous operation. Consider limiting autonomous invocation or restricting the environments where automation runs.
What to consider before installing
This skill appears to be a legitimate Cursor CLI guide, but pay attention to three risky patterns before using it: - Review the installer before running it: the SKILL.md recommends curl https://cursor.com/install | bash. Avoid piping remote scripts straight to your shell unless you inspect the script first; prefer package-manager installs (Homebrew) or verified releases. - Be cautious with automation that accepts prompts: the tmux examples send keystrokes to automatically 'trust' a workspace and recommend --force to auto-apply changes. That bypasses interactive confirmation and can cause unattended modifications or acceptance of insecure prompts. Do not run these automation steps in sensitive repos or on machines you don't fully control. - Limit exposure when integrating with agents: if you enable autonomous agent invocation or run these flows in CI, ensure the environment is isolated, the API key (if used) is scoped and rotated, and a human reviews any auto-applied changes. If you plan to use this skill: inspect the installer URL contents, remove or modify the auto-trust / auto-apply steps to require manual confirmation, test in a disposable repo/VM first, and avoid exposing high-privilege secrets to the environment where you run automated Cursor sessions.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bdjtfvpyk5t5gqqssbkzh5d7z53fz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments