~ / directory / cursor
CU
Mixed · AI Code Assistants · reviewed 2026-04

Cursor

AI-native code editor.

Visit www.cursor.com/en
01

What it does

An AI-native code editor built on VS Code with deep model integration. Provides code completion, multi-file editing, codebase-aware chat, and increasingly autonomous coding capabilities. Same underlying technology concerns as GitHub Copilot. Anysphere's Cursor reached $500M ARR — the highest-revenue AI agent startup per CB Insights, with $3.2M revenue per employee. Featured in multiple OWASP ASI exploit entries: config overwrite via case mismatch (ASI05), workspace file injection (ASI05), and MCP OAuth response exploitation (ASI07).

02

Security relevance

Same governance implications as Copilot — proprietary code exposure to external models, generated code quality and security, and shadow AI risk if developers adopt it without approval. Cursor's codebase indexing means it may process more code context than simpler assistants.

03

When to use it

Govern the same way as Copilot. If developers are using Cursor, ensure governance policies address code classification, model provider selection, and review requirements. Desktop application requiring installation, subscription, and governance policy compliance.

04

OWASP coverage

Risks addressed — mapped to both OWASP Top 10 standards. 1 in LLM, 2 in Agentic.

LLM Top 10 · 2025 · 1/10 covered
01
02
03
04
05
06
07
08
09
10
LLM06 · Excessive Agency
Agentic Top 10 · 2026 · 2/10 covered
01
02
03
04
05
06
07
08
09
10
ASI05 · Unexpected Code Execution ASI09 · Human-Agent Trust Exploit
05

The raw record

What Yuntona stores. Single source of truth — fork it on GitHub.

name: Cursor
slug: cursor
type: Mixed
category: AI Code Assistants
url: https://www.cursor.com/en

reviewed:   2026-04
added:      2026-04
updated:    2026-04

risks:
  llm:  [LLM06]
  asi:  [ASI05, ASI09]

complexity:    Guided Setup
pricing:       —
audience:      Builder
lifecycle:     [develop]

tags: [Code, Dev, Editor]