Cursor

This release brings Cursor Automations to the Agents Window and introduces the ability to configure automations with multiple attached repos or no repos at all.

For the next 7 days, all agent runs for newly created automations are 50% off.

Automations in the Agents Window

Cursor Automations are now available in the Agents Window, in addition to cursor.com/automations. Create and manage your automations in the same workspace as your agents.

Multi-repo automations

A lot of engineering work spans more than one codebase. You can now attach multiple repos to an automation so agents reason across all required context and work across repos to deliver, test, and verify tasks.

No-repo automations

Many useful automations exist apart from code, where agents monitor your tools and act on key signals. You can now create automations without an attached repository.

We've added five new templates for no-repo automations to the Cursor Marketplace to help you get started:

• **Slack digest agent**: Summarizes unread DMs and key Slack channels every morning and prioritizes them by importance
• **Product analytics agent**: Delivers a weekly digest of key metrics from your data warehouse like Databricks
• **Product FAQ agent**: Watches a Slack channel for questions and writes a first response based on docs, codebase context, and past threads
• **Product finance agent**: Pulls financial data from a billing provider like Stripe for recurring revenue reports
• **Customer health agent**: Monitors key systems like Granola, Slack, and Databricks and flags accounts where health signals are shifting

Read our docs to learn more.

Cursor is now available in Jira.

Assign work items to Cursor, or mention `@Cursor` in a comment to kick off a cloud agent. Cursor uses the work item title, description, comments, and your team's repository settings to scope the task.

You can ask Cursor to fix bugs, add features, update tests, or investigate something described in the ticket. When the agent finishes, Jira shows completion updates and includes a link to the pull request.

Install the integration from Cursor integrations. You need Cursor admin access and Jira Commercial Cloud with Rovo enabled. Learn more in our docs.

Composer 2.5 is now available in Cursor.

It's a substantial improvement in intelligence and behavior over Composer 2. It is better at sustained work on long-running tasks, follows complex instructions more reliably, and is more pleasant to collaborate with.

Composer 2.5 benchmark results

• **Standard:** \$0.50/M input, \$2.50/M output tokens
• **Fast** (default): \$3.00/M input, \$15.00/M output tokens

Composer 2.5 includes double usage for the first week. See our model docs for full details.

Read more in our announcement.

This release introduces quality-of-life improvements to the Agents Window.

Full-screen tabs

Full screen maximizes the right panel so you can focus on a single tab.

Files, changes, canvases, PRs, browsers, and terminals can expand to fill the entire working area. This replaces the agent chat with a floating prompt bar.

Enter and exit full screen by clicking on the expand/contract button in the panel header, using the command palette, or pressing `Cmd/Ctrl+Shift+M`.

Compact chat responses

Compact chats give you a tighter view of your agent conversations so you can read threads more quickly without losing important context.

Customize tool call density to control how much of the agent's tool activity is shown in each response:

• Compact: shows concise results with minimal tool traces
• Balanced: includes important intermediate steps
• Detailed: provides near-complete step-by-step context

Improvements (8)

• Improved PR tabs by adding clearer review states, better reviewer/thread visibility, and more predictable PR tab actions.
• Improved long-chat scrolling to make it smoother, added better undo grouping in prompt input, and improved behavior while streaming.
• Added clearer status text for background/resumed tasks.
• Added cleaner environment/repo selection and better persistence when switching contexts.
• Improved MCP auth token lifecycle handling.
• Removed noisy in-app terminal notifications and improved shortcut behavior.
• Clarified model naming and selection behavior in the model picker and added stronger fallback handling.
• Improved search and navigation to make it faster and more reliable in large workspaces.

Bug Fixes (9)

• Fixed PR tab bugs affecting branch lookup, header state, and diff loading.
• Fixed background task reliability issues like resume failures, interrupt edge cases, and incorrect status scoping on resumed subagents.
• Fixed cloud agents bugs blocking setup, state merge/persistence bugs, and multi-repo identity issues.
• Fixed MCP/OAuth reliability bugs like transient 401/stale-token cases and large-token handling edge cases.
• Fixed edge cases around slash menu + approval regressions, ask-question flow issues, and paste-chunk handling.
• Fixed keyboard shortcuts bugs in modals, vim/emacs caret style leakage, and other key handling.
• Fixed hook invocation/path-length issues and Git prompt-related regressions.
• Fixed model-routing mismatches, proxy body normalization, and thought-chunk forwarding issues.
• Fixed webhook auth/hostname resolution, GHES installation persistence, and mirrored-repo behavior.

To take engineering tasks from start to finish, agents need a development environment similar to the setup on your laptop: cloned repositories, installed dependencies, credentials for internal toolchains, and access to build systems.

This release introduces new tools for teams to configure development environments for their agents. Cursor also can use these tools to set up and maintain environments for you. Together, this makes it easier for teams to run fleets of parallelized agents that handle tasks from end-to-end, inside development environments you fully control.

Multi-repo environments

Cloud agents and automations now support multi-repo environments, building off our work on multi-root workspaces. You can configure a single environment with all the repositories an agent needs for its work, with re-use across sessions.

Environment configuration as code

To make it easier to change, debug, and review environment definitions, we have improved Dockerfile-based configuration.

This includes support for build secrets, making it easy to securely access private package registries directly from your Dockerfiles. Build secrets are scoped to the build step and aren't passed to the running agent's environment.

We've also upgraded layer caching, so that only the updated layers of your image rebuild when you change the Dockerfile. Builds that hit the cache run 70% faster.

Improved agent-led environment setup

As Cursor configures your environment, it will ask you questions, flag missing credentials, and validate that your environment is set up properly.

Cursor will always show you the version of the environment your agent is running in. If your environment configuration fails, it will default to a base image with clear warning signs so that your cloud agents can keep running instead of immediately failing.

Environment governance and security controls

Every development environment now has its own version history that users can review and roll back. Admins can also restrict rollback permissions to admins only. An audit log captures every action team members take on environments, giving security teams full visibility into who changed what.

Egress and secrets can now be scoped at the development environment level. Secrets configured for one environment aren't accessible from any other.

Learn more about agent development environments in our announcement and docs.

Cursor is now available in Microsoft Teams.

Mention @Cursor in any Teams channel to delegate a task to a cloud agent or pull information from Cursor into Teams.

Cursor automatically picks the right repository and model based on your prompt and recent agent activity. It reads the entire thread for context before implementing a solution and creating a PR for your team to review.

Get started by installing the integration in the Cursor dashboard. Learn more in our docs.

Teams admins and Individual plan users can now customize the effort level Bugbot uses for its PR reviews, with three different configurations:

• **Default:** Bugbot continues to use the same effort level as it does today. Optimized for efficiency and speed.
• **High:** Bugbot spends more time reasoning. Reviews are more expensive and take longer, but Bugbot may find more bugs.
• **Custom:** Describe in natural language when Bugbot should use default or high effort. Cursor will dynamically set effort levels based on your instructions.

Customers must be on usage-based billing for Bugbot to customize effort levels. Learn more in our docs and go to your Bugbot dashboard to get started.

Bugbot improvements

• With default effort, Bugbot finds 0.7 bugs per run, on average. Over 79% of these bugs are resolved by users at merge time.
• With high effort, Bugbot finds 0.95 bugs per run, on average.

This release introduces a new PR review experience, faster execution on plans through parallel agents, and new quick-action pills for common workflows.

PR review

A new PR review experience is now available in Cursor 3. Take PRs from creation to merge all in one place.

• The Reviews tab now shows inline review threads and top-level PR comments.
• The Commits tab gives you a focused view of commit history for the PR.
• The Changes tab makes it easier to navigate larger PRs with a file tree and changes picker.

You can see useful context like reviewer status and pending review banners, and quick action pills allow you to take next steps faster.

Build in parallel from plans

Cursor can now execute on plans faster by multitasking across tasks instead of tackling them one at a time.

Click "Build in Parallel" to have it identify independent parts of your plan and run them simultaneously using async subagents. Cursor will keep dependent steps in order when needed.

Split changes into PRs

When multitasking in Cursor, you can now use a built-in quick action to split changes into PRs.

It will use chat context to identify logical slices, default to independent PRs unless dependencies are required, create a backup snapshot, and propose a split plan for your approval.

Pin skills as quick actions

You can now pin your most commonly used skills as quick-action pills for faster access.

Improvements (6)

• Added the ability to control Explore subagent behavior from settings: choose a specific model for Explore subagents to run on, inherit the same model as the parent agent, or disable Explore subagents altogether.
• Added support for general model names for subagent configuration (i.e., set `model: opus` to have subagents always use the newest Opus model).
• `/multitask` is now available in the editor for running async subagents to parallelize your requests instead of adding them to the queue.
• Improved prompt input undo grouping, so undo/redo feels more natural during edits.
• Improved long-chat handling and reduced jumpiness and other surprising behaviors.
• Made MCP connection behavior more predictable, and added explicit stale token cleanup on re-auth.

Bug Fixes (5)

• Fixed terminal interaction bugs in the agents window, including editing shortcut issues and approval/overlay edge cases.
• Fixed several slash menu and input-approval regressions.
• Fixed MCP auth edge cases, including transient 401 handling and stale credential behavior.
• Fixed multi-repo environment selection and cache issues.
• Fixed various cloud agent timing and hydration edge cases that could degrade reliability.

You can now see a breakdown of your agent's context usage.

Use these stats to diagnose context issues and improve your setup across rules, skills, MCPs, and subagents.

This release introduces updates for Enterprise admins: a new system for model controls, updated spend management, and more detail for usage analytics.

Model access controls

Admins can now set more granular allow or blocklists at the model and provider level. You can block entire providers or specific model configurations for speed and context window size.

Enterprises also have the option to block new providers or model versions by default.

Customers with existing blocklists will need to migrate to the new system by June 1st. Admins should go to their team model settings in the Cursor dashboard to get started.

Soft spend limits and intelligent alerts

Admins can now set soft limits instead of hard limits to avoid blocking users. Cursor can also monitor usage and sends automatic alerts to users reaching 50%, 80%, and 100% of their soft or hard limits.

This keeps users productive while giving admins and users visibility into consumption patterns.

Go to the spend management settings in the Cursor dashboard to get started.

Updated usage analytics tab

Admins can now filter usage by specific users, or break it down by product surface: clients, Cloud Agents, automations, Bugbot, and Security Review.

Go to the usage analytics tab in the Cursor dashboard to get started.

Admins can now create a team marketplace without connecting a repository first. Add, remove, and configure install behavior for first-party plugins directly in team marketplace settings.

Plugins bundle capabilities like MCP servers, skills, subagents, rules, and hooks that extend agents with custom functionality. Each plugin can be distributed in one of three ways:

1. Default Off: users can discover and opt in
2. Default On: users get the plugin installed by default, but can opt out
3. Required: users always have the plugin and cannot uninstall it

Get started in the Cursor dashboard.

Cursor Security Review is now in beta on Teams and Enterprise plans. You can run two types of always-on security agents: Security Reviewer and Vulnerability Scanner.

Security Reviewer

Security Reviewer checks every PR for security vulnerabilities, auth regressions, privacy and data-handling risks, agent tool auto-approvals, and prompt injection attacks. It will leave inline comments at the exact diff location with severity and remediation.

Security Reviewer leaving inline comments on a pull request diff.

Vulnerability Scanner

Vulnerability Scanner runs scheduled scans of your codebase to check for known vulnerabilities, outdated dependencies, and configuration issues. You can configure it to send updates of its findings in Slack.

Vulnerability Scanner findings and scheduled scans in Cursor.

---

Customize Cursor-managed security agents by adjusting triggers, adding your own instructions, giving them custom tooling, and choosing how outputs are shared. For example, you can plug in MCP servers for your existing SAST, SCA, and secrets scanners for Cursor to use as part of the review.

We're also continuously improving the runtime, harness, and models powering Cursor Security Review for a strong out-of-the-box experience.

Security agents draw from your existing usage pool. Admins can enable Security Review in the Cursor dashboard to get started.

We're introducing the Cursor SDK so you can build agents with the same runtime, harness, and models that power Cursor.

The agents that run in the Cursor desktop app, CLI, and web app are now accessible with a few lines of TypeScript. Run it on your machine or on Cursor's cloud against a dedicated VM, with any frontier model.

Run `npm install @cursor/sdk` to get started. You can also use Cursor's native `/sdk` skill to help you start building.

```jsx import { Agent } from "@cursor/sdk";

const agent = await Agent.create({ apiKey: process.env.CURSOR_API_KEY!, model: { id: "composer-2" }, local: { cwd: process.cwd() }, });

const run = await agent.send("Summarize what this repository does");

for await (const event of run.stream()) { console.log(event); } ```

We built a few sample projects that you can access from a public repo. Fork and extend them for your own use case.

The Cursor SDK is now available for all users in public beta and is billed based on standard, token-based consumption pricing. Learn more in our announcement and docs.

Updates to the Cloud Agents API

• Reworked the API around durable agents and per-prompt runs, so follow-ups, status, streaming, and cancellation are now run-scoped.
• Added first-class run streaming with SSE events, reconnect support via `Last-Event-ID`, and clearer terminal states.
• Added explicit agent lifecycle controls with archive, unarchive, and permanent delete.
• Standardized v1 response and error shapes, including structured error codes, `items` list responses, and separate `agent` / `run` objects.

This release introduces a new way to multitask with async subagents, an improved worktrees experience, and multi-root workspaces for making cross-repo changes.

Multitask in Agents Window

With `/multitask`, Cursor will run async subagents to parallelize your requests instead of adding them to the queue. It will also break down larger tasks into smaller chunks for a fleet of async subagents to tackle simultaneously.

If you already have messages in the queue, you can ask Cursor to multitask on them instead of waiting for the current run to finish.

Worktrees in Agents Window

We've added new and improved worktrees in the Agents Window.

Run isolated tasks in the background across different branches. When you're ready to test changes, move any branch into your local foreground with one click.

Multi-root workspaces in Agents Window

A single agent session can now target a reusable workspace made of multiple folders.

This allows Cursor to make cross-repo changes spanning frontend, backend, and shared libraries, without retargeting the agent every time it moves between repos.

Cursor can now respond by creating interactive canvases.

These visualizations can include dashboards and custom interfaces built using first-party components like tables, boxes, diagrams, and charts, as well as existing Cursor components like diffs and to-do lists.

In the Agents Window, canvases are durable artifacts that live in the side panel alongside the terminal, browser, and source control.

Try it out in Cursor 3.1 in the Agents Window or the editor. Read more in our announcement.

We've shipped quality-of-life improvements to the Cursor CLI to make working with agents in the terminal more delightful.

Debug Mode in CLI

Use `/debug` to find root causes and fix tricky bugs that are hard to reproduce or understand. In Debug Mode, Cursor generates hypotheses, adds log statements, and uses runtime information to pinpoint the issue before making a targeted fix.

/btw support in CLI

Ask a quick side question without derailing the agent's main task. `/btw` allows you to get clarification on the change Cursor is making without stopping the current run.

Configuration menu in CLI

`/config` opens an interactive settings panel inside the CLI where you can view and change behavior, such as model choices, defaults, runtime preferences, and more.

You can also ask Cursor to apply configuration changes for you using the `/update-cli-config` skill.

Custom status bars in CLI

Customize the status bar using /statusline to surface the session and runtime signals you care about, including current mode, branch, environment, active task hints, or other session metadata.

CLI Improvements

• Trigger the model picker from anywhere to switch models without clearing your prompt first.
• If Cursor detects you've enabled auto-run three times in a row, it will now proactively suggest turning it on to help avoid endless approval loops.
• The AskQuestion tool and Debug Mode now handle plaintext responses more smoothly.
• Image paste from clipboard is now supported, including `Ctrl+V` in some terminals without native paste support.
• The footer now shows your working directory, worktree, and current branch.

CLI Bug Fixes

• You can now reliably send the CLI to the background using `Ctrl+Z`.
• Auto-run now works in other modes like Debug Mode and Plan Mode.
• Fixed an issue where background shell processes could remain running after quitting the CLI.
• Fixed slash command handling and matching.
• Fixed keyboard handling for `Cmd+Delete`, Vim keybindings, and `Ctrl` modifier combinations.

This release introduces improvements to our Agents Window interface as part of Cursor 3.

Tiled layout

Split your current view into panes to run and manage several agents in parallel. The tiled layout makes it easier to multi-task and compare outputs across agents without jumping between tabs.

Expand panes to focus on a conversation, drag agents into tiles, and use keybindings for quick navigation and organization. Your setup also persists across sessions.

Upgraded voice input

Dictation through voice input is more reliable and accurate. It records your full voice clip and transcribes it with batch STT for higher-quality speech-to-text.

You can press and hold `Ctrl+M` to speak, and we've added controls to the UI while recording, such as a waveform, timer, and buttons for cancelling and confirming.

Branch selection in empty state

Previously, starting an agent from the empty state usually defaulted to your current branch. Now you can search and select a branch first, then launch a cloud agent directly against that branch.

This cuts down on additional steps to switch branches and reduces accidental runs on the wrong branch.

Diff to file navigation

Jump from the diff straight to the exact line in the file. Once there, you have the full power of the editor, make changes manually, use Tab, go to definition, and more.

Filters for searching files

Use include/exclude filters in "Search in Files" for scoping code search to specific file sets.

Agents Window Improvements

• Prompt buttons now stay in place while voice input is processing.
• Plan tabs now get the same document behaviors as files: support for reliable loading, dirty tracking, reload on plan changes, and the ability to save, copy, and export markdown.
• New agent sessions now start in your preferred project target by default.
• File tab names are now resolved within the current agent's visible tabs instead of trying to be globally unique across all other agents' tabs.
• `Cmd-K` now shows fewer, more relevant agent results, capped to the recent matching set (i.e., items that match your query and are from a recent subset).
• On macOS, text is now rendered with anti-aliasing, producing sharper character edges.
• Design Mode now lets you navigate the element tree (up, down, and sideways) with keyboard support to pick the UI element before commenting.
• The Agents Window now avoids expensive updates and fetches unless they're truly needed.
• Closing tabs is now less likely to glitch the file tree, and recovery is faster.
• Limited local diff fetches to reduce CPU/network spikes and lag in SCM views.
• File tree now responds to changes more reliably and is less likely to flicker, stale, or miss updates.
• Extension events (e.g., file change, diagnostics update) are now scoped to each workspace, reducing cross-project interference.
• Hitting enter to send a follow-up in a long chat used to hang for over a second and now feels instant.
• Large edits stream more smoothly now after cutting dropped frames by ~87%.

Agents Window Bug Fixes

• Fixed a bug where scrolling through long conversations used to stutter. Now it's smooth, even in large threads.
• Fixed a bug where an agent conversation full of diffs or code blocks would flash and freeze.

This release introduces updates to Bugbot including the ability to self-improve in real time, MCP support, improvements to Bugbot Autofix, and the highest resolution rate to date.

Bugbot Learned Rules

Bugbot can now learn from feedback on pull requests and turn those signals into learned rules that improve future reviews.

It looks at reactions and replies to Bugbot comments and comments from human reviewers to create candidate rules. Bugbot automatically promotes the ones that accumulate signal and disables the ones that stop being useful.

Bugbot learned rules

Read more about learned rules in our announcement or manage learning in the Bugbot dashboard.

Bugbot MCP Support

Give Bugbot access to MCP servers for additional context during code reviews. On Teams and Enterprise plans, you can add tools to Bugbot in the Bugbot dashboard.

Bugbot MCP support

Bugbot Improvements (6)

• Bugbot's resolution rate is now 78%.
• Added a "Fix All" action to apply multiple Bugbot fixes in one operation.
• Redesigned Bugbot settings, and split personal and team settings into clearer sections.
• Bugbot Autofix only runs when findings are substantial enough to warrant a fix.
• Bugbot Autofix now uses only relevant rules, reducing noise in prompting.
• Improved reliability of Bugbot Autofix CI checks on PRs.
• Simplified Bugbot check progress messages in GitHub PRs.

Bugbot Bug Fixes (2)

• Fixed a bug where stale privacy mode state from inactive teams could incorrectly block Bugbot Autofix.
• Fixed infra issues that caused longer than expected Bugbot run times.

Cursor 3 is now available.

Agents Window

The new Cursor interface allows you to run many agents in parallel across repos and environments: locally, in worktrees, in the cloud, and on remote SSH.

It's simpler, more powerful, and centered around agents, while keeping the depth of a development environment.

To try the Agents Window, upgrade Cursor and type `Cmd+Shift+P -> Agents Window`.

You can switch back to the IDE anytime, or have both open simultaneously.

Read more in our announcement.

Design Mode

In the Agents Window, you can use Design Mode to annotate and target UI elements directly in the browser.

This allows you to give more precise feedback and iterate faster by pointing the agent to exactly the part of the interface you're referring to.

Keyboard shortcuts include:

• ⌘ + Shift + D to toggle to Design Mode
• Shift + drag to select an area
• ⌘ + L to add element to chat
• ⌥ + click to add element to input

Agent Tabs in the Editor

Agent Tabs allow you to view multiple chats at once, side-by-side or in a grid.

Editor (4)

• Added a new command `/worktree` that creates a separate git worktree so changes happen in isolation.
• Added a new command `/best-of-n` that runs the same task in parallel across multiple models, each in its own isolated worktree, then compares outcomes.
• Deprecated the previous worktree and best-of-n selection from the Editor.
• Removed cloud agents from the Editor.

Plugins & MCP (2)

• MCP Apps now support structured content, enabling richer tool outputs.
• Third-party plugin imports now default to **off** for Enterprises when unset, while preserving explicit Admin overrides.

Enterprise & Teams (3)

• Added the directory group name so audit logs are human-readable without looking up IDs.
• Added a team-level Admin setting for cloud agents that restricts creating, editing, and deleting team secrets to Admins.
• Added an Enterprise Admin control for disabling "Made with Cursor" code attribution for the entire team. Per-user settings still exist via Cursor Settings > Agent > Attribution.

Other Improvements (10)

• Large-file diff rendering is now much faster, smoother, and less memory-heavy.
• Agents are now better at monitoring long-running jobs.
• Added an `Await` tool that lets agents wait for background shell commands and subagents to complete, or wait for specific output such as "Ready" or "Error".
• Reduced the browser automation tool surface and tightened the subagent to use browser tools only, helping it stay more focused on the task. Also improved the browser instructions to reduce error loops, and added screenshot-based coordinate clicking as a fallback when DOM interactions are unreliable.
• Plans are now included in shared chats alongside the transcript.
• Added caching to improve Explorer subagents startup time.
• Past chat transcripts are now surfaced directly in at-mention search results.
• Added a "scroll to bottom" button in the agent panel that appears when content overflows.
• Tab bar can now span the full available width in maximized chat layouts.
• Consolidated the Early Access release track behind Nightly.

Bug Fixes (8)

• Fixed text area behavior for Network Access Controls so pressing `Enter` can reliably add a newline at the end of the input.
• Fixed hooks loading so multi-root workspaces read project hook files from all workspace folders instead of only the first one.
• Fixed a markdown parsing bug where parenthesized HTTP(S) links could be misread as citations.
• Fixed todo card visibility to prevent them from disappearing after all todos complete.
• Fixed Agent queued prompts that were not resuming automatically after editing operations.
• Fixed picker behavior for models that are disabled but selectable by removing misleading "not allowed" styling and auto-enabling a model when the user selects it.
• Fixed a bug where expanding/collapsing thinking blocks didn't work while streaming was still in progress.
• Fixed a bug where Shift+Enter line breaks weren't treated as multiline content, so the prompt input field could stay in an incorrect state.

Cursor now supports self-hosted cloud agents that keep your code and tool execution entirely in your own network.

Your codebase, build outputs, and secrets all stay on internal machines running in your infrastructure, while the agent handles tool calls locally.

Use Cursor's agent experience with workers that run inisde your own infrastructure

Self-hosted cloud agents offer the same capabilities as Cursor-hosted cloud agents, including isolated VMs, full development environments, multi-model harnesses, plugins, and more.

Try it out today by enabling self-hosted cloud agents in your Cursor Dashboard. Read more in our announcement.