Cursor
Install (Recommended)
Install StackHawk rules to your global Cursor config so they’re available in every project:
# Clone the agent-skills repo
git clone https://github.com/stackhawk/agent-skills.git /tmp/stackhawk-skills
# Install Cursor rules to your global config
bash /tmp/stackhawk-skills/scripts/install.sh --platform cursor --target ~
# Clean up
rm -rf /tmp/stackhawk-skills# Clone the agent-skills repo
git clone https://github.com/stackhawk/agent-skills.git $env:TEMP\stackhawk-skills
# Install Cursor rules to your global config
& "$env:TEMP\stackhawk-skills\scripts\install.ps1" -Platform cursor
# Clean up
Remove-Item -Recurse -Force "$env:TEMP\stackhawk-skills"CMD users: use PowerShell (built into Windows 10+) or WSL.
Global rules in ~/.cursor/rules/ are loaded automatically in every project you open.
Set Your API Key
export HAWK_API_KEY=hawk.xxxxxxxxxxxxxxxxxxxx$env:HAWK_API_KEY = "hawk.xxxxxxxxxxxxxxxxxxxx"CMD users: use PowerShell (built into Windows 10+) or WSL.
Verify
Open any project in Cursor. Ask the AI: “What StackHawk rules do you have?” It should describe HawkScan scanning and API reporting capabilities.
Usage
Ask Cursor’s AI to scan your application:
Scan my app running on localhost:8080 for security vulnerabilitiesTips
- Install once, scan everywhere: Global rules in
~/.cursor/rules/work across all projects - The rules are split into 10 modular files so Cursor loads only what’s relevant for the current task
- The agent checks if your app is running and will prompt you to start it if needed