> ## Documentation Index
> Fetch the complete documentation index at: https://docs.corridor.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Cursor

> Set up Corridor with Cursor Cloud Agents to scan code for security vulnerabilities before every commit.

Corridor integrates with [Cursor Cloud Agents](https://cursor.com/agents) to catch security vulnerabilities before code is committed. When configured, every cloud agent session installs the Corridor CLI and a git pre-commit hook that scans staged changes and blocks commits containing security findings.

<Note>
  Cursor is the first supported cloud agent. Support for additional cloud agent providers is coming soon.
</Note>

## Prerequisites

* A Corridor account with a team created
* **Owner** role on your Corridor team
* A Cursor account with Cloud Agents enabled

## Setup

<Steps>
  <Step title="Open the Cloud Agents page in Corridor">
    In the [Corridor dashboard](https://app.corridor.dev), navigate to **Governance > Cloud Agents** and click the **Configuration** tab.

    Select **Cursor** from the agent options.
  </Step>

  <Step title="Open the Cursor Cloud Agents dashboard">
    Go to [cursor.com/dashboard/cloud-agents](https://cursor.com/dashboard/cloud-agents) and select the environment you want to configure.
  </Step>

  <Step title="Generate a Corridor API key">
    Back in the Corridor Configuration tab, enter a name for your key (for example, "Cursor cloud agents") and click **Generate key**.

    A modal will display the full API key. Copy it immediately. The key is only shown once.
  </Step>

  <Step title="Add the API key as a secret in Cursor">
    In your Cursor environment settings, scroll to the **Secrets** section and add a new secret:

    * **Name:** `CORRIDOR_API_KEY`
    * **Value:** the API key you copied in the previous step
  </Step>

  <Step title="Paste the setup script">
    Back in Corridor, copy the setup script shown in step 3 of the Configuration timeline. In your Cursor environment settings, paste it into the **Update Script** field and save.

    The script runs at the start of every cloud agent session. It installs the Corridor CLI and a git pre-commit hook that runs `corridor scan --staged` before each commit.
  </Step>
</Steps>

## Advanced: custom environments

The [setup script](#setup) is the fastest path and wires everything up for you. If you manage your own agent environment — for example, building the Corridor CLI into a Docker image — you can add the same three pieces to your existing configuration manually instead:

<Steps>
  <Step title="Set the API key">
    Add your team API key as an environment secret named `CORRIDOR_API_KEY`.
  </Step>

  <Step title="Install the Corridor CLI">
    Install the latest Corridor CLI in your image build or setup script:

    ```bash theme={null}
    curl -fsSL https://app.corridor.dev/cli/install.sh | CI=true sh
    ```

    Or download the latest release binary from the [Corridor CLI releases](https://github.com/CorridorSecurity/corridor-cli/releases/latest) page and put `corridor` on your `PATH`.
  </Step>

  <Step title="Configure the git pre-commit hook">
    Add a git pre-commit hook that runs `corridor scan --staged`. Install it into your repository's standard hook location — `.git/hooks/pre-commit`, or `.husky/pre-commit` if your repo uses [Husky](https://typicode.github.io/husky/) — and the agent environment will run it on every commit.
  </Step>
</Steps>

## How it works

Once configured, every Cursor Cloud Agent session will:

1. Install the Corridor CLI
2. Install a git pre-commit hook in the repository
3. Scan staged changes before each commit
4. Block commits that contain security findings

Findings caught by the pre-commit scan appear in the **Usage** tab of the Cloud Agents page, where you can review severity, affected files, and resolution status.

## Managing API keys

You can view and revoke API keys in the **Configuration** tab under **Team-Owned API Keys**. Each key shows its name, creation date, and last used date.

To rotate a key:

1. Generate a new key in Corridor
2. Update the `CORRIDOR_API_KEY` secret in your Cursor environment
3. Revoke the old key

## Next steps

<CardGroup cols={2}>
  <Card title="Guardrails" icon="shield-check" href="/features/guardrails">
    Configure the security rules that cloud agents enforce.
  </Card>

  <Card title="Findings" icon="magnifying-glass" href="/features/findings">
    Learn how to review and resolve security findings.
  </Card>
</CardGroup>
