cursor-subagents
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill follows secure secret management practices in its examples (
references/agents-field.md) by utilizing environment variables (process.env.CURSOR_API_KEY) rather than hardcoded credentials. - [SAFE]: Documentation in
references/mcp-scoping.mdexplicitly promotes security through 'MCP scoping,' which restricts subagent access to only specific tools or servers required for their tasks, minimizing the risk surface of delegation. - [SAFE]: External references to the
@modelcontextprotocol/server-githubpackage are legitimate and point to official services from the Model Context Protocol organization.
Audit Metadata