← 返回 Skills 市场
zhangzeyu99-web

OpenClaw Cursor Agent

作者 Evenstar · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
383
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-cursor-agent
功能描述
Manage long-running Cursor CLI coding tasks through OpenClaw tools backed by tmux sessions. Use when the user asks to start a persistent coding job, inspect...
安全使用建议
What to check before installing: - Understand the power: this skill runs shell scripts and the Cursor CLI in your filesystem and can modify project directories (it may run git commands, create files, push changes if instructed). Only install if you trust the code and intended tasks. - Metadata mismatch: the package metadata claims no required binaries, but runtime scripts require bash, tmux, python3, and the Cursor CLI (agent). Expect to install/configure these first. - Environment leakage: the Node extension launches scripts with the full process environment (process.env). Remove secrets from the agent environment or run the plugin under a separate, limited account/environment if you want to reduce risk. - Inspect toolkitRoot: the plugin requires a toolkitRoot pointing at the included cursor-agent-system. Make sure it points to the copy you reviewed. Don’t point toolkitRoot to an existing system path you don’t control. - Review restore/backup steps: documentation contains commands that copy backups into ~/.openclaw and download archives — do not run those blindly; review restore.sh and any backup contents before executing. - Run doctor and tests in an isolated environment: before trusting it with real projects, configure toolkitRoot in a sandbox directory, run openclaw cursor-agent-doctor, and perform the minimal smoke tests described in the docs. - If you need stronger guarantees: run the plugin inside a VM/isolated container or under a user with limited privileges, and avoid exposing sensitive env vars to the OpenClaw process.
功能分析
Type: OpenClaw Skill Name: openclaw-cursor-agent Version: 1.0.0 The bundle provides a framework for managing persistent Cursor CLI coding tasks via `tmux` and `WSL`, which involves high-risk capabilities such as remote shell execution and session manipulation. Key indicators include the use of the `--trust --force` flags in `spawn-cursor.sh` to bypass Cursor CLI security prompts and the ability to inject arbitrary keystrokes into active terminal sessions via `tmux send-keys` in `send-command.sh`. While these features are aligned with the stated purpose of automating long-running development tasks and no clear evidence of intentional malice (like data exfiltration) was found, the broad permissions and the potential for the OpenClaw agent to be used as a vector for arbitrary command execution justify a suspicious classification.
能力评估
Purpose & Capability
The plugin, JS entrypoint, and the included shell scripts are coherent with the described purpose: they spawn tmux sessions, run Cursor CLI, track status files, send commands, and kill sessions. However, the package metadata claims "Required binaries: none" whereas the runtime scripts and docs clearly require bash, tmux, python3, and the Cursor CLI (agent/cursor-agent). That metadata omission is an incoherence and could mislead users about runtime requirements.
Instruction Scope
SKILL.md and the included scripts instruct the agent to run local shell scripts that create task/runner/log/status files and execute Cursor CLI in project directories. Those scripts will run commands in user-specified project paths and can modify the project (git operations are part of recommended tasks). The Node extension spawns child processes with env: process.env (it forwards the entire environment) so any environment variables available to the agent are also visible to the scripts/child processes. The docs also include a restore script and backup download steps that would copy many files into ~/.openclaw if followed — a potentially destructive operation if executed without review.
Install Mechanism
There is no external install spec (no arbitrary download/extract). The skill is instruction/code-only and includes local scripts and a Node entrypoint. No third-party URL downloads or installation of remote archives are present in the plugin files themselves (the docs show curl usage for installing Node/Cursor or downloading backups, which are standard but require user discretion).
Credentials
The skill declares no required environment variables or primary credentials, which superficially looks safe. In practice the Node code launches shell scripts with env: process.env (inheriting the agent process environment) and the scripts run external tools and may operate in arbitrary project directories. That means secrets present in the agent environment (AWS keys, tokens, etc.) could be visible to child processes or to any code the Cursor agent executes. Also the skill expects configuration (toolkitRoot) but that is not declared in the top-level 'required' metadata, increasing the chance of misconfiguration.
Persistence & Privilege
always is false. The skill writes state, task and log files under the configured toolkitRoot/status, tasks, and logs directories (normal for this functionality). It does not request to modify other skills or global agent settings. Nevertheless, scripts and the Cursor agent will be capable of making changes in target project directories (including git commits/pushes) — this is expected for a background coding agent but is a high-impact capability that users must accept explicitly.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install openclaw-cursor-agent
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /openclaw-cursor-agent 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
OpenClaw Cursor Agent 1.0.0 - Initial release with full support for managing persistent Cursor CLI coding tasks via OpenClaw tools and tmux sessions. - Supports starting, monitoring, sending commands to, and killing backend Cursor sessions. - Includes diagnostic tool to check environment and dependencies. - Provides natural language mappings for user instructions in both English and Chinese. - Outputs session and task IDs when spawning tasks; reports progress, current step, and tmux status when checking tasks. - Clear error reporting for missing dependencies (tmux, python3, agent, WSL).
元数据
Slug openclaw-cursor-agent
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

OpenClaw Cursor Agent 是什么?

Manage long-running Cursor CLI coding tasks through OpenClaw tools backed by tmux sessions. Use when the user asks to start a persistent coding job, inspect... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 383 次。

如何安装 OpenClaw Cursor Agent?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-cursor-agent」即可一键安装,无需额外配置。

OpenClaw Cursor Agent 是免费的吗?

是的,OpenClaw Cursor Agent 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

OpenClaw Cursor Agent 支持哪些平台?

OpenClaw Cursor Agent 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 OpenClaw Cursor Agent?

由 Evenstar(@zhangzeyu99-web)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论