Cursor is the first supported cloud agent. Support for additional cloud agent providers is coming soon.
Prerequisites
- A Corridor account with a team created
- Owner role on your Corridor team
- A Cursor account with Cloud Agents enabled
Setup
Open the Cloud Agents page in Corridor
In the Corridor dashboard, navigate to Governance > Cloud Agents and click the Configuration tab.Select Cursor from the agent options.
Open the Cursor Cloud Agents dashboard
Go to cursor.com/dashboard/cloud-agents and select the environment you want to configure.
Generate a Corridor API key
Back in the Corridor Configuration tab, enter a name for your key (for example, “Cursor cloud agents”) and click Generate key.A modal will display the full API key. Copy it immediately. The key is only shown once.
Add the API key as a secret in Cursor
In your Cursor environment settings, scroll to the Secrets section and add a new secret:
- Name:
CORRIDOR_API_KEY - Value: the API key you copied in the previous step
Paste the setup script
Back in Corridor, copy the setup script shown in step 3 of the Configuration timeline. In your Cursor environment settings, paste it into the Update Script field and save.The script runs at the start of every cloud agent session. It installs the Corridor CLI and a git pre-commit hook that runs
corridor scan --staged before each commit.Advanced: custom environments
The setup script is the fastest path and wires everything up for you. If you manage your own agent environment — for example, building the Corridor CLI into a Docker image — you can add the same three pieces to your existing configuration manually instead:Install the Corridor CLI
Install the latest Corridor CLI in your image build or setup script:Or download the latest release binary from the Corridor CLI releases page and put
corridor on your PATH.Configure the git pre-commit hook
Add a git pre-commit hook that runs
corridor scan --staged. Install it into your repository’s standard hook location — .git/hooks/pre-commit, or .husky/pre-commit if your repo uses Husky — and the agent environment will run it on every commit.How it works
Once configured, every Cursor Cloud Agent session will:- Install the Corridor CLI
- Install a git pre-commit hook in the repository
- Scan staged changes before each commit
- Block commits that contain security findings
Managing API keys
You can view and revoke API keys in the Configuration tab under Team-Owned API Keys. Each key shows its name, creation date, and last used date. To rotate a key:- Generate a new key in Corridor
- Update the
CORRIDOR_API_KEYsecret in your Cursor environment - Revoke the old key
Next steps
Guardrails
Configure the security rules that cloud agents enforce.
Findings
Learn how to review and resolve security findings.