JFrog Launches Cursor AI Agent for Software Supply Chain Security

JFrog Platform plugin for Cursor gives developers the freedom to create and deliver next generation AI-powered software with built-in governance

JFrog Ltd the creators of the JFrog Software Supply Chain Platform, the system of record for trusted software artifacts, binaries, and AI assets, announced its Platform is now available in the Cursor marketplace. Over 1 million Cursor active daily users now have access to robust software supply chain security within their workflows via the new plugin, reinforcing JFrog’s position as a critical trust layer and system of record for the rapidly expanding AI agent ecosystem.

“Today’s enterprises wanting to fully leverage AI-driven software creation are rightfully concerned about the security risks open source and autonomous tools used by AI will create,” said Yoav Landman, Co-Founder and CTO of JFrog. “Issues like Shadow AI, ungoverned MCP server access, malicious skills, and uncontrolled dependencies can create massive blind spots and lead to significant security vulnerabilities. By bringing the full power of the JFrog Platform directly into the Cursor coding agent, we are giving enterprises the guardrails they demand from the very beginning.”

Read More: Build vs Buy: Should Enterprises Develop or License Domain-Specific Language Models?

IDC research states: “As enterprises transition from simple chatbots to autonomous AI agents, the need for security and governance has moved from the model itself to the actions those models take…However, challenges remain since the market for AI governance is rapidly evolving, with new entrants and approaches emerging. Standards for agentic components, such as skills and MCP servers, are still in flux. In addition, enterprises are still in the early stages of adopting autonomous agents, and the pace of adoption may vary significantly across industries.”¹

Empowering a Diverse Ecosystem of AI Builders with Seamless Security and Governance

Cursor is one of the industry’s leading AI coding agents designed for developers, data scientists, and engineers, that emphasizes agentic capabilities via plugins and MCP servers (not just UI extensions like the VS Code marketplace). Modern developer workflows start inside AI-native Integrated Developer Environments (IDEs) like Cursor, where agents suggest code, pull dependencies, and make supply chain decisions in real time. However, agents often do this without any visibility into whether packages are safe, compliant, or policy approved.

Also Read: How Highspot Is Redefining Revenue Enablement for Modern Go-To-Market Teams

Building upon its recently announced JFrog Agent Skills Registry – a unified repository to centrally manage, govern, and version control AI skills across all environments by treating them as software packages – the new JFrog Cursor plugin brings the full power of the JFrog Platform directly into the developer’s AI-native IDE without context switching or manual lookups, eliminating friction. Enterprises can now leverage JFrog as a system of record and control point designed for agentic development to allow for increased accuracy, consistency, and security across AI pipelines and the software supply chain.

The new plugin ships with four integrated components:

• A remote MCP server connection: Authenticated seamlessly with the JFrog Platform via OAuth without the need for API keys.
• Conversational AI Skills: Enables developers to manage artifacts, scan for vulnerabilities, and enforce policies using natural language interactions.
• Automated Security Rules: Automatically enforces supply-chain best practices whenever a dependency file is touched.
• Dedicated Supply Chain Security: Proactively audits dependencies for CVEs, license risks, and curation policy violations.

Additionally, the JFrog Platform plugin for Cursor offers seamless integration with JFrog Xray and JFrog Advanced Security, allowing vulnerabilities, exposed secrets, and infrastructure misconfigurations to be flagged as developers code. It also provides real-time security insights with clear context, along with easy-to-follow remediation advice and one-click dependency upgrades. The JFrog plugin for Cursor also provides AI agents with the necessary information and guidance to check dependencies in real-time, ensuring every software component is fully compliant with organizational standards and safe for use before it is ever committed.

Write to us [⁠wasim.a@demandmediaagency.com] to learn more about our exclusive editorial packages and programmes.