Cursor + AgentValet - Governed MCP for your AI code editor

Setup

One command. The CLI writes the config for you.

The AgentValet CLI signs you in via your browser, generates an RS256 keypair, registers your Cursor session as an agent, and writes .cursor/mcp.json for you. No copy-paste, no IDs to track.

terminal

# In your project directory
npx @agentvalet/register

# Browser opens. Sign in. Done.
# The CLI writes:
#   .cursor/mcp.json    - MCP entry, project-scoped

1

Run npx @agentvalet/register in your project directory.

2

Your browser opens to AgentValet. Sign in (or sign up - it's free). The CLI auto-completes registration when you authorize.

3

Add the server from Cursor's MCP settings (the exact menu path varies by version - check Cursor's docs if you don't see it). You should see agentvalet listed as connected.

4

In Agent mode, AgentValet tools appear automatically. Approve platforms in the dashboard and the agent picks them up live.

User-scoped install - prefer one config across every Cursor project? Run npx @agentvalet/register --scope user and the CLI writes to ~/.cursor/mcp.json instead of .cursor/mcp.json.

Prefer to wire it up by hand?

The CLI is the recommended path. If you'd rather edit the config yourself, here's the equivalent:

.cursor/mcp.json

{
  "mcpServers": {
    "agentvalet": {
      "command": "npx",
      "args": ["-y", "@agentvalet/register", "mcp-server"]
    }
  }
}

You'll still want to run npx @agentvalet/register once so the CLI can store your agent's private key on this machine - the MCP server reads it at startup.

Alternative: Connect over OAuth

Add the URL. Click "Needs login." Done.

Cursor supports Streamable HTTP MCP servers. Add AgentValet's URL in Settings, then click the "Needs login" button in the MCP panel. Cursor opens a browser for OAuth consent. The agent gets a signing identity, not a raw credential. Nothing long-lived sits in your config.

mcp.json (or Cursor Settings → MCP)

{
  "mcpServers": {
    "agentvalet": {
      "url": "https://api.agentvalet.ai/mcp/v1/<your-owner-id>"
    }
  }
}

1

Sign in at app.agentvalet.ai and copy your owner id from the dashboard.

2

Open Cursor, go to Settings → MCP, and add the AgentValet server URL. You can paste the JSON above or enter the URL directly.

3

The MCP panel shows a "Needs login" button next to AgentValet. Click it. Cursor opens a browser for OAuth consent and completes the connection.

4

Approve platforms in the AgentValet dashboard. The agent is now provisioned with a signing identity and every call is scoped, checked, and logged.

Identity, not credentials. Because Cursor connects over OAuth, the agent is never issued a raw API key or long-lived token in your config. AgentValet's consent flow provisions the agent its own signing identity, and each platform call runs through your permission matrix from there.

What changes

Your coding agent, with governance

Cursor's agent can now call any platform through AgentValet without holding API keys locally. All calls are scoped, logged, and revocable from the dashboard.

No local secrets

API keys never touch your project directory or shell environment. Credentials are decrypted in-memory at call time inside the proxy.

Scoped per platform

Approve only the platforms and scopes your agent needs. GitHub read-only stays read-only - even if the agent tries to push.

Full audit trail

Every platform call is logged: which agent, which platform, which action, and when. Review it any time in the dashboard.

Instant revocation

Disable a platform or suspend the agent in one click. No config files to update, no key rotation to orchestrate.

Your Cursor agent can already edit any file. AgentValet decides what it can ship.

One command. The CLI writes the config for you.

Add the URL. Click "Needs login." Done.

Your coding agent, with governance

Ship governed Cursor in under 5 minutes.