ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cursor2api Skill Clawhub

v1.0.2

Manage and deploy cursor2api to convert Cursor IDE AI conversations into Anthropic/OpenAI API formats, including token refresh and uninstallation.

0· 131·0 current·0 all-time
byJialin@0xcjl

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for 0xcjl/cursor2api.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Cursor2api Skill Clawhub" (0xcjl/cursor2api) from ClawHub.
Skill page: https://clawhub.ai/0xcjl/cursor2api
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cursor2api

ClawHub CLI

Package manager switcher

npx clawhub@latest install cursor2api
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The declared goal—run a cursor2api proxy so Cursor conversations appear as Anthropic/OpenAI API calls—is consistent with the commands and files. Requiring Docker/Node and a Cursor session token is reasonable for this purpose. However the skill metadata declares no required env vars/credentials while the runtime instructions repeatedly require and use a sensitive WorkosCursorSessionToken and ANTHROPIC_API_KEY, which is an internal inconsistency.
!
Instruction Scope
The SKILL.md and references instruct users to extract a browser session cookie (WorkosCursorSessionToken) via DevTools and place that token into env vars or plaintext dotfiles (~/.cursor2apirc, ~/.zshrc). They also provide curl examples and an auto-refresh script that restarts a docker container with the token. This guidance involves handling and persisting a highly sensitive session cookie and suggests actions (storing tokens in shell config) that expand scope beyond a minimal proxy setup. The instructions also acknowledge ToS risk but do not provide safer alternatives.
!
Install Mechanism
There is no packaged install spec, but the skill's core operations rely on pulling and running a third-party Docker image (waitkafuka/cursor-api:latest). Running an unvetted container from Docker Hub can execute arbitrary code on the host. No provenance, homepage, or source repo is provided to validate that image. The included refresh script simply restarts that container (benign), but the primary runtime behavior depends on the remote image's trustworthiness.
!
Credentials
The metadata lists no required environment variables or primary credential, yet the documentation and commands require WORKOS_CURSOR_SESSION_TOKEN and set ANTHROPIC_API_KEY (the session token). Asking users to copy a session cookie and store it in env files or use it as an API key is high-sensitivity. The skill does not request unrelated credentials, but its handling and recommended storage of this secret (plaintext rc files, scripts) is disproportionate and risky. The instructions also recommend using the token as an API key across services and host machines (local/remote), increasing exposure.
Persistence & Privilege
The skill is instruction-only and not forced always-on. It does, however, instruct users to modify shell rc files (~/.zshrc) and create a dotfile (~/.cursor2apirc) and a script (~~/scripts/cursor-token-refresh.sh) for convenience—these are user-facing persistence recommendations (not automated by the skill). This elevates the operational footprint on the user's machine but does not request platform-level privileges or change other skills' configs.
What to consider before installing
This skill appears to do what it says, but exercise caution. Key points to consider before installing or following its instructions: - The runtime relies on a third-party Docker image (waitkafuka/cursor-api:latest) with no source or homepage; pulling/running it may execute arbitrary code. Verify the image source or run it in an isolated VM/container environment. - The instructions require you to extract a session cookie (WorkosCursorSessionToken) from your browser and use it as an API key. That token is highly sensitive: anyone possessing it can access your Cursor account. Avoid storing it in plaintext files or shell rc files; prefer a secure secret store, short-lived tokens, or a dedicated throwaway account if you must test. - The skill metadata does not declare the env vars it actually uses (WORKOS_CURSOR_SESSION_TOKEN, ANTHROPIC_API_KEY). That mismatch is an incoherence—treat the provided metadata as incomplete. - Using a session cookie as an API key and proxying Cursor traffic may violate Cursor's Terms of Service; the docs note ToS risk—review Cursor's policies first. - If you decide to proceed: inspect the Docker image (source repo or image contents), run it on a non-production or isolated host, do not reuse high-privilege credentials, and avoid persisting tokens in plaintext. If you want stronger assurance, ask the skill author for the image repository/source, a reproducible Dockerfile, or a signed release, and for metadata to be updated to declare the required env vars/credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97evh8mmhtcrm112ee6g7vby583j7m5
131downloads
0stars
3versions
Updated 1mo ago
v1.0.2
MIT-0
Jialin@0xcjl
latest
Download

cursor2api

cursor2api bridges Cursor IDE's AI models with OpenClaw/Claude Code by converting Cursor's internal API into standard Anthropic/OpenAI formats.

Architecture:

OpenClaw / Claude Code
         ↓ (ANTHROPIC_BASE_URL)
cursor2api Docker/Node (:3010)
         ↓ (Session Token)
Cursor Official API

Prerequisites

  • Docker (for containerized deployment) or Node.js 18+ (for local)
  • A Cursor account with active AI subscription
  • WorkosCursorSessionToken from Cursor

Quick Start

# 1. Get your WorkosCursorSessionToken (see references/token.md)

# 2. Start the service
docker run -d \
  --name cursor-api \
  -p 3010:3000 \
  -e WORKOS_CURSOR_SESSION_TOKEN=your_token \
  waitkafuka/cursor-api:latest

# 3. Configure OpenClaw
export ANTHROPIC_BASE_URL="http://localhost:3010/v1"
export ANTHROPIC_API_KEY="your_token"
export ANTHROPIC_DEFAULT_SONNET_MODEL="claude-sonnet-4-6"

# 4. Restart OpenClaw
openclaw gateway restart

Core Operations

OperationCommand
Installdocker run -d --name cursor-api -p 3010:3000 -e WORKOS_CURSOR_SESSION_TOKEN=token waitkafuka/cursor-api:latest
Statusdocker ps | grep cursor-api
Refresh TokenSee references/token.md
Uninstalldocker stop cursor-api && docker rm cursor-api

API Endpoints

EndpointFormatCompatible With
http://localhost:3010/v1/messagesAnthropic Messages APIOpenClaw, Claude Code
http://localhost:3010/v1/chat/completionsOpenAI Chat CompletionsCC Switch, Universal

Documentation

DocumentDescription
Installation GuideDocker deployment, verification, troubleshooting
Token ManagementObtaining and refreshing WorkosCursorSessionToken
ConfigurationOpenClaw, Claude Code, CC Switch setup
Quick ReferenceOne-page cheat sheet

⚠️ Important Notes

  • ToS Risk: Using third-party proxies may violate Cursor's Terms of Service
  • Token Expiry: Session tokens expire periodically; monitor and refresh as needed
  • API Stability: Cursor's internal API may change without notice

Comments

Loading comments...