← Back to Skills Marketplace
383
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-cursor-agent
Description
Manage long-running Cursor CLI coding tasks through OpenClaw tools backed by tmux sessions. Use when the user asks to start a persistent coding job, inspect...
Usage Guidance
What to check before installing:
- Understand the power: this skill runs shell scripts and the Cursor CLI in your filesystem and can modify project directories (it may run git commands, create files, push changes if instructed). Only install if you trust the code and intended tasks.
- Metadata mismatch: the package metadata claims no required binaries, but runtime scripts require bash, tmux, python3, and the Cursor CLI (agent). Expect to install/configure these first.
- Environment leakage: the Node extension launches scripts with the full process environment (process.env). Remove secrets from the agent environment or run the plugin under a separate, limited account/environment if you want to reduce risk.
- Inspect toolkitRoot: the plugin requires a toolkitRoot pointing at the included cursor-agent-system. Make sure it points to the copy you reviewed. Don’t point toolkitRoot to an existing system path you don’t control.
- Review restore/backup steps: documentation contains commands that copy backups into ~/.openclaw and download archives — do not run those blindly; review restore.sh and any backup contents before executing.
- Run doctor and tests in an isolated environment: before trusting it with real projects, configure toolkitRoot in a sandbox directory, run openclaw cursor-agent-doctor, and perform the minimal smoke tests described in the docs.
- If you need stronger guarantees: run the plugin inside a VM/isolated container or under a user with limited privileges, and avoid exposing sensitive env vars to the OpenClaw process.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-cursor-agent
Version: 1.0.0
The bundle provides a framework for managing persistent Cursor CLI coding tasks via `tmux` and `WSL`, which involves high-risk capabilities such as remote shell execution and session manipulation. Key indicators include the use of the `--trust --force` flags in `spawn-cursor.sh` to bypass Cursor CLI security prompts and the ability to inject arbitrary keystrokes into active terminal sessions via `tmux send-keys` in `send-command.sh`. While these features are aligned with the stated purpose of automating long-running development tasks and no clear evidence of intentional malice (like data exfiltration) was found, the broad permissions and the potential for the OpenClaw agent to be used as a vector for arbitrary command execution justify a suspicious classification.
Capability Assessment
Purpose & Capability
The plugin, JS entrypoint, and the included shell scripts are coherent with the described purpose: they spawn tmux sessions, run Cursor CLI, track status files, send commands, and kill sessions. However, the package metadata claims "Required binaries: none" whereas the runtime scripts and docs clearly require bash, tmux, python3, and the Cursor CLI (agent/cursor-agent). That metadata omission is an incoherence and could mislead users about runtime requirements.
Instruction Scope
SKILL.md and the included scripts instruct the agent to run local shell scripts that create task/runner/log/status files and execute Cursor CLI in project directories. Those scripts will run commands in user-specified project paths and can modify the project (git operations are part of recommended tasks). The Node extension spawns child processes with env: process.env (it forwards the entire environment) so any environment variables available to the agent are also visible to the scripts/child processes. The docs also include a restore script and backup download steps that would copy many files into ~/.openclaw if followed — a potentially destructive operation if executed without review.
Install Mechanism
There is no external install spec (no arbitrary download/extract). The skill is instruction/code-only and includes local scripts and a Node entrypoint. No third-party URL downloads or installation of remote archives are present in the plugin files themselves (the docs show curl usage for installing Node/Cursor or downloading backups, which are standard but require user discretion).
Credentials
The skill declares no required environment variables or primary credentials, which superficially looks safe. In practice the Node code launches shell scripts with env: process.env (inheriting the agent process environment) and the scripts run external tools and may operate in arbitrary project directories. That means secrets present in the agent environment (AWS keys, tokens, etc.) could be visible to child processes or to any code the Cursor agent executes. Also the skill expects configuration (toolkitRoot) but that is not declared in the top-level 'required' metadata, increasing the chance of misconfiguration.
Persistence & Privilege
always is false. The skill writes state, task and log files under the configured toolkitRoot/status, tasks, and logs directories (normal for this functionality). It does not request to modify other skills or global agent settings. Nevertheless, scripts and the Cursor agent will be capable of making changes in target project directories (including git commits/pushes) — this is expected for a background coding agent but is a high-impact capability that users must accept explicitly.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-cursor-agent - After installation, invoke the skill by name or use
/openclaw-cursor-agent - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenClaw Cursor Agent 1.0.0
- Initial release with full support for managing persistent Cursor CLI coding tasks via OpenClaw tools and tmux sessions.
- Supports starting, monitoring, sending commands to, and killing backend Cursor sessions.
- Includes diagnostic tool to check environment and dependencies.
- Provides natural language mappings for user instructions in both English and Chinese.
- Outputs session and task IDs when spawning tasks; reports progress, current step, and tmux status when checking tasks.
- Clear error reporting for missing dependencies (tmux, python3, agent, WSL).
Metadata
Frequently Asked Questions
What is OpenClaw Cursor Agent?
Manage long-running Cursor CLI coding tasks through OpenClaw tools backed by tmux sessions. Use when the user asks to start a persistent coding job, inspect... It is an AI Agent Skill for Claude Code / OpenClaw, with 383 downloads so far.
How do I install OpenClaw Cursor Agent?
Run "/install openclaw-cursor-agent" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Cursor Agent free?
Yes, OpenClaw Cursor Agent is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does OpenClaw Cursor Agent support?
OpenClaw Cursor Agent is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created OpenClaw Cursor Agent?
It is built and maintained by Evenstar (@zhangzeyu99-web); the current version is v1.0.0.
More Skills