Skip to main content

Prerequisites

Quick start

Launch Cursor with vault run. It wraps Cursor with a vault-scoped session and installs the Agent Vault skill so Cursor knows how to proxy requests and raise proposals automatically. If you haven’t logged in yet, you’ll be guided through setup automatically. 
agent-vault vault run -- agent
That’s it. Cursor launches with Agent Vault access — no invite, no token pasting.
vault run also installs an Agent Vault skill at ~/.cursor/skills/agent-vault/SKILL.md. This teaches Cursor how to discover services, proxy requests, and raise proposals through Agent Vault. The skill persists across sessions.

Target a specific vault

agent-vault vault run --vault myproject -- agent

Try it out

Ask Cursor to do something that requires an external API:
“Fetch my recent Stripe charges”
Here’s what happens — with zero pre-configuration:
  1. Cursor routes a request to api.stripe.com through Agent Vault
  2. Agent Vault returns a 403 — Stripe isn’t configured yet
  3. Cursor reads the proposal_hint and creates a proposal requesting Stripe access
  4. Cursor presents you with an approval link
  5. You click the link, paste your Stripe key, and click Allow
  6. Cursor retries — Agent Vault injects your Stripe credentials and the request succeeds
You didn’t pre-configure anything. The agent discovered what it needed, asked for approval, and handled the rest.

Alternative: invite-based setup

If you can’t use vault run (e.g. you’re connecting a remote or cloud-hosted Cursor instance), use the invite flow instead: 
agent-vault agent invite my-agent
This generates a one-time onboarding prompt and copies it to your clipboard. Paste it into Cursor — it redeems the invite automatically and receives an agent token plus usage instructions inline.

Next steps

How it works

Full request lifecycle end-to-end.

Services

Pre-configure services you know the agent will need.