Skip to main content
Corridor integrates with Cursor Cloud Agents to catch security vulnerabilities before code is committed. When configured, every cloud agent session installs the Corridor CLI and a git pre-commit hook that scans staged changes and blocks commits containing security findings.
Cursor is the first supported cloud agent. Support for additional cloud agent providers is coming soon.

Prerequisites

  • A Corridor account with a team created
  • Owner role on your Corridor team
  • A Cursor account with Cloud Agents enabled

Setup

1

Open the Cloud Agents page in Corridor

In the Corridor dashboard, navigate to Governance > Cloud Agents and click the Configuration tab.Select Cursor from the agent options.
2

Open the Cursor Cloud Agents dashboard

Go to cursor.com/dashboard/cloud-agents and select the environment you want to configure.
3

Generate a Corridor API key

Back in the Corridor Configuration tab, enter a name for your key (for example, “Cursor cloud agents”) and click Generate key.A modal will display the full API key. Copy it immediately. The key is only shown once.
4

Add the API key as a secret in Cursor

In your Cursor environment settings, scroll to the Secrets section and add a new secret:
  • Name: CORRIDOR_API_KEY
  • Value: the API key you copied in the previous step
5

Paste the setup script

Back in Corridor, copy the setup script shown in step 3 of the Configuration timeline. In your Cursor environment settings, paste it into the Update Script field and save.The script runs at the start of every cloud agent session. It installs the Corridor CLI and a git pre-commit hook that runs corridor scan --staged before each commit.

Advanced: custom environments

The setup script is the fastest path and wires everything up for you. If you manage your own agent environment — for example, building the Corridor CLI into a Docker image — you can add the same three pieces to your existing configuration manually instead:
1

Set the API key

Add your team API key as an environment secret named CORRIDOR_API_KEY.
2

Install the Corridor CLI

Install the latest Corridor CLI in your image build or setup script:
curl -fsSL https://app.corridor.dev/cli/install.sh | CI=true sh
Or download the latest release binary from the Corridor CLI releases page and put corridor on your PATH.
3

Configure the git pre-commit hook

Add a git pre-commit hook that runs corridor scan --staged. Install it into your repository’s standard hook location — .git/hooks/pre-commit, or .husky/pre-commit if your repo uses Husky — and the agent environment will run it on every commit.

How it works

Once configured, every Cursor Cloud Agent session will:
  1. Install the Corridor CLI
  2. Install a git pre-commit hook in the repository
  3. Scan staged changes before each commit
  4. Block commits that contain security findings
Findings caught by the pre-commit scan appear in the Usage tab of the Cloud Agents page, where you can review severity, affected files, and resolution status.

Managing API keys

You can view and revoke API keys in the Configuration tab under Team-Owned API Keys. Each key shows its name, creation date, and last used date. To rotate a key:
  1. Generate a new key in Corridor
  2. Update the CORRIDOR_API_KEY secret in your Cursor environment
  3. Revoke the old key

Next steps

Guardrails

Configure the security rules that cloud agents enforce.

Findings

Learn how to review and resolve security findings.