ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cursor IDE Agent

v3.0.2

Use Cursor Agent for coding tasks via two paths: (1) Local CLI — run Cursor Agent directly from terminal for fast, general-purpose coding in any project; (2)...

0· 577·1 current·1 all-time
by@xiaoyaner0201
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and required binaries (agent or cursor-agent) align with a Cursor CLI/Node integration. The instructions focus on CLI and Node workflows expected for an IDE agent. However repository metadata (_meta.json owner, README author links, and published version) do not consistently match the registry metadata (owner ID and version 3.0.2), which is an inconsistency in provenance.
!
Instruction Scope
SKILL.md instructs the user to install and invoke the Cursor CLI and describes reading project-level files (.cursor/rules, AGENTS.md, CLAUDE.md, mcp.json) and using @filename to include context. These are coherent for a code agent, but the instructions also include running an external installer via curl https://cursor.com/install | bash and recommend running interactive TUI via PTY. The curl|bash pattern and the ability to include arbitrary files from the workspace increase risk if users or agents run commands without inspection.
!
Install Mechanism
There is no automated install spec in the package (instruction-only), but SKILL.md explicitly tells users to run curl https://cursor.com/install -fsS | bash. Executing remote install scripts piped to a shell is higher risk even when hosted on a well-known domain; the guidance should advise inspecting the script or using a package manager/homebrew alternative. The README also lists a Homebrew install path, which is lower risk, but the primary example is the curl|bash flow.
Credentials
The skill declares no required environment variables, no credentials, and no required config paths. The files and project-level paths the skill references (workspace files, .cursor rules) are proportional to a coding assistant. No unrelated secrets or cloud credentials are requested.
Persistence & Privilege
always:false and default invocation behavior is normal. The skill does not request to modify other skills or system-wide configuration. It documents reading project workspace files and interacting with Cursor cloud endpoints when the user opts in, which is expected for this functionality.
Scan Findings in Context
[no_code_files_to_scan] expected: The static scanner had no code files to analyze because this is an instruction-only skill (SKILL.md and README only). Absence of findings is not evidence of safety; review the instructions carefully (they include a remote install command).
What to consider before installing
This skill largely does what it says: it's a wrapper/guide for using the Cursor CLI and Node-based remote IDE. However: (1) metadata mismatches (different owner names and version numbers across registry info, README, and _meta.json) reduce confidence in provenance — prefer skills whose metadata and source are consistent and verifiable; (2) SKILL.md recommends running curl https://cursor.com/install | bash — do not run remote install scripts blindly. If you need the CLI, prefer a package-manager install (Homebrew, distribution package) or fetch the install script and inspect it before executing; (3) the agent/workflows read project files (e.g., .cursor/rules, AGENTS.md, mcp.json, any file referenced with @filename). Only grant workspace access to code/projects you trust; avoid pointing the agent at sensitive system paths; (4) confirm the cursor.com domain and verify authenticity of the installer and binary versions (agent vs cursor-agent) before installing; (5) because this is instruction-only, there is no bundled code to audit — treat the instructions as the security surface and verify any external binaries and network endpoints the skill recommends.

Like a lobster shell, security has layers — review code before you run it.

latestvk9751ax4r06kg5k5x4ryhyverd81x8z1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🖥️ Clawdis
Any binagent, cursor-agent

Comments