Admins can now create a team marketplace without connecting a repository first. Add, remove, and configure install behavior for first-party plugins directly in team marketplace settings.
Plugins bundle capabilities like MCP servers, skills, subagents, rules, and hooks that extend agents with custom functionality. Each plugin can be distributed in one of three ways:
Default Off: users can discover and opt in
Default On: users get the plugin installed by default, but can opt out
Required: users always have the plugin and cannot uninstall it
Cursor Security Review is now in beta on Teams and Enterprise plans. You can run two types of always-on security agents: Security Reviewer and Vulnerability Scanner.
Security Reviewer checks every PR for security vulnerabilities, auth regressions, privacy and data-handling risks, agent tool auto-approvals, and prompt injection attacks. It will leave inline comments at the exact diff location with severity and remediation.
Vulnerability Scanner runs scheduled scans of your codebase to check for known vulnerabilities, outdated dependencies, and configuration issues. You can configure it to send updates of its findings in Slack.
Customize Cursor-managed security agents by adjusting triggers, adding your own instructions, giving them custom tooling, and choosing how outputs are shared. For example, you can plug in MCP servers for your existing SAST, SCA, and secrets scanners for Cursor to use as part of the review.
We're also continuously improving the runtime, harness, and models powering Cursor Security Review for a strong out-of-the-box experience.
Security agents draw from your existing usage pool. Admins can enable Security Review in the Cursor dashboard to get started.
We're introducing the Cursor SDK so you can build agents with the same runtime, harness, and models that power Cursor.
The agents that run in the Cursor desktop app, CLI, and web app are now accessible with a few lines of TypeScript. Run it on your machine or on Cursor's cloud against a dedicated VM, with any frontier model.
Run npm install @cursor/sdk to get started and use the Cursor SDK plugin so Cursor can help you build.
import { Agent } from "@cursor/sdk";const agent = await Agent.create({ apiKey: process.env.CURSOR_API_KEY!, model: { id: "composer-2" }, local: { cwd: process.cwd() },});const run = await agent.send("Summarize what this repository does");for await (const event of run.stream()) { console.log(event);}
We built a few sample projects that you can access from a public repo. Fork and extend them for your own use case.
The Cursor SDK is now available for all users in public beta and is billed based on standard, token-based consumption pricing. Learn more in our announcement and docs.
Reworked the API around durable agents and per-prompt runs, so follow-ups, status, streaming, and cancellation are now run-scoped.
Added first-class run streaming with SSE events, reconnect support via Last-Event-ID, and clearer terminal states.
Added explicit agent lifecycle controls with archive, unarchive, and permanent delete.
Standardized v1 response and error shapes, including structured error codes, items list responses, and separate agent / run objects.
This release introduces a new way to multitask with async subagents, an improved worktrees experience, and multi-root workspaces for making cross-repo changes.
With /multitask, Cursor will run async subagents to parallelize your requests instead of adding them to the queue. It will also break down larger tasks into smaller chunks for a fleet of async subagents to tackle simultaneously.
If you already have messages in the queue, you can ask Cursor to multitask on them instead of waiting for the current run to finish.
Run isolated tasks in the background across different branches. When you're ready to test changes, move any branch into your local foreground with one click.
A single agent session can now target a reusable workspace made of multiple folders.
This allows Cursor to make cross-repo changes spanning frontend, backend, and shared libraries, without retargeting the agent every time it moves between repos.
Cursor can now respond by creating interactive canvases.
These visualizations can include dashboards and custom interfaces built using first-party components like tables, boxes, diagrams, and charts, as well as existing Cursor components like diffs and to-do lists.
In the Agents Window, canvases are durable artifacts that live in the side panel alongside the terminal, browser, and source control.
Try it out in Cursor 3.1 in the Agents Window or the editor. Read more in our announcement.
Admins can now create a team marketplace without connecting a repository first. Add, remove, and configure install behavior for first-party plugins directly in team marketplace settings.
Plugins bundle capabilities like MCP servers, skills, subagents, rules, and hooks that extend agents with custom functionality. Each plugin can be distributed in one of three ways:
Default Off: users can discover and opt in
Default On: users get the plugin installed by default, but can opt out
Required: users always have the plugin and cannot uninstall it
Cursor Security Review is now in beta on Teams and Enterprise plans. You can run two types of always-on security agents: Security Reviewer and Vulnerability Scanner.
Security Reviewer checks every PR for security vulnerabilities, auth regressions, privacy and data-handling risks, agent tool auto-approvals, and prompt injection attacks. It will leave inline comments at the exact diff location with severity and remediation.
Vulnerability Scanner runs scheduled scans of your codebase to check for known vulnerabilities, outdated dependencies, and configuration issues. You can configure it to send updates of its findings in Slack.
Customize Cursor-managed security agents by adjusting triggers, adding your own instructions, giving them custom tooling, and choosing how outputs are shared. For example, you can plug in MCP servers for your existing SAST, SCA, and secrets scanners for Cursor to use as part of the review.
We're also continuously improving the runtime, harness, and models powering Cursor Security Review for a strong out-of-the-box experience.
Security agents draw from your existing usage pool. Admins can enable Security Review in the Cursor dashboard to get started.
We're introducing the Cursor SDK so you can build agents with the same runtime, harness, and models that power Cursor.
The agents that run in the Cursor desktop app, CLI, and web app are now accessible with a few lines of TypeScript. Run it on your machine or on Cursor's cloud against a dedicated VM, with any frontier model.
Run npm install @cursor/sdk to get started and use the Cursor SDK plugin so Cursor can help you build.
import { Agent } from "@cursor/sdk";const agent = await Agent.create({ apiKey: process.env.CURSOR_API_KEY!, model: { id: "composer-2" }, local: { cwd: process.cwd() },});const run = await agent.send("Summarize what this repository does");for await (const event of run.stream()) { console.log(event);}
We built a few sample projects that you can access from a public repo. Fork and extend them for your own use case.
The Cursor SDK is now available for all users in public beta and is billed based on standard, token-based consumption pricing. Learn more in our announcement and docs.
Reworked the API around durable agents and per-prompt runs, so follow-ups, status, streaming, and cancellation are now run-scoped.
Added first-class run streaming with SSE events, reconnect support via Last-Event-ID, and clearer terminal states.
Added explicit agent lifecycle controls with archive, unarchive, and permanent delete.
Standardized v1 response and error shapes, including structured error codes, items list responses, and separate agent / run objects.
This release introduces a new way to multitask with async subagents, an improved worktrees experience, and multi-root workspaces for making cross-repo changes.
With /multitask, Cursor will run async subagents to parallelize your requests instead of adding them to the queue. It will also break down larger tasks into smaller chunks for a fleet of async subagents to tackle simultaneously.
If you already have messages in the queue, you can ask Cursor to multitask on them instead of waiting for the current run to finish.
Run isolated tasks in the background across different branches. When you're ready to test changes, move any branch into your local foreground with one click.
A single agent session can now target a reusable workspace made of multiple folders.
This allows Cursor to make cross-repo changes spanning frontend, backend, and shared libraries, without retargeting the agent every time it moves between repos.
Cursor can now respond by creating interactive canvases.
These visualizations can include dashboards and custom interfaces built using first-party components like tables, boxes, diagrams, and charts, as well as existing Cursor components like diffs and to-do lists.
In the Agents Window, canvases are durable artifacts that live in the side panel alongside the terminal, browser, and source control.
Try it out in Cursor 3.1 in the Agents Window or the editor. Read more in our announcement.
