Integrations
Cursor
Protecting Cursor with Security Layer.
Cursor can be protected using the universal shell shim. A native VS Code extension is planned for v1.
Current integration (shell shim)
The shell shim intercepts all commands Cursor executes through the terminal:
sl shield enableThis installs PATH-priority wrappers that evaluate every command before it reaches the real binary.
How it works
- Cursor runs a shell command (e.g., via terminal or code action)
- The shimmed binary intercepts the call
- Security Layer detects Cursor as the caller (via environment variables and process detection)
- The command is evaluated against Cursor's capability profile
- Allowed commands proceed; denied commands return an error
Caller detection
Security Layer identifies Cursor by:
- Environment variable:
CURSOR_SESSION - Process name:
cursor
Capability profile
Cursor gets its own capability profile defined in ~/.securitylayer/ai-tools.yaml. The default profile grants common development capabilities while restricting dangerous operations.
Future: native extension (v1)
A VS Code extension (@securitylayerai/vscode) that hooks into:
- Terminal creation and command execution
- Filesystem API calls
- Network requests
The extension will use @securitylayerai/sdk in-process for zero-latency checks.
Setup
# Enable shell shim protection
sl shield enable
# Verify
sl statusSee also
- shield — Shell shim management
- Shell shim integration
- callers — Caller detection profiles