3.3 · Changelog

PR Review, Build Plan in Parallel, and Split PRs

This release introduces a new PR review experience, faster execution on plans through parallel agents, and new quick-action pills for common workflows.

PR review

A new PR review experience is now available in Cursor 3. Take PRs from creation to merge all in one place.

  • The Reviews tab now shows inline review threads and top-level PR comments.
  • The Commits tab gives you a focused view of commit history for the PR.
  • The Changes tab makes it easier to navigate larger PRs with a file tree and changes picker.

You can see useful context like reviewer status and pending review banners, and quick action pills allow you to take next steps faster.

Build in parallel from plans

Cursor can now execute on plans faster by multitasking across tasks instead of tackling them one at a time.

Click "Build in Parallel" to have it identify independent parts of your plan and run them simultaneously using async subagents. Cursor will keep dependent steps in order when needed.

Split changes into PRs

When multitasking in Cursor, you can now use a built-in quick action to split changes into PRs.

It will use chat context to identify logical slices, default to independent PRs unless dependencies are required, create a backup snapshot, and propose a split plan for your approval.

Pin skills as quick actions

You can now pin your most commonly used skills as quick-action pills for faster access.

  • Added the ability to control Explore subagent behavior from settings: choose a specific model for Explore subagents to run on, inherit the same model as the parent agent, or disable Explore subagents altogether.
  • Added support for general model names for subagent configuration (i.e., set model: opus to have subagents always use the newest Opus model).
  • /multitask is now available in the editor for running async subagents to parallelize your requests instead of adding them to the queue.
  • Improved prompt input undo grouping, so undo/redo feels more natural during edits.
  • Improved long-chat handling and reduced jumpiness and other surprising behaviors.
  • Made MCP connection behavior more predictable, and added explicit stale token cleanup on re-auth.

  • Fixed terminal interaction bugs in the agents window, including editing shortcut issues and approval/overlay edge cases.
  • Fixed several slash menu and input-approval regressions.
  • Fixed MCP auth edge cases, including transient 401 handling and stale credential behavior.
  • Fixed multi-repo environment selection and cache issues.
  • Fixed various cloud agent timing and hydration edge cases that could degrade reliability.

 · Changelog

Model controls, spend management, and usage analytics

This release introduces updates for Enterprise admins: a new system for model controls, updated spend management, and more detail for usage analytics.

Model access controls

Admins can now set more granular allow or blocklists at the model and provider level. You can block entire providers or specific model configurations for speed and context window size.

Enterprises also have the option to block new providers or model versions by default.

Customers with existing blocklists will need to migrate to the new system by June 1st. Admins should go to their team model settings in the Cursor dashboard to get started.

Soft spend limits and intelligent alerts

Admins can now set soft limits instead of hard limits to avoid blocking users. Cursor can also monitor usage and sends automatic alerts to users reaching 50%, 80%, and 100% of their soft or hard limits.

This keeps users productive while giving admins and users visibility into consumption patterns.

Go to the spend management settings in the Cursor dashboard to get started.

Updated usage analytics tab

Admins can now filter usage by specific users, or break it down by product surface: clients, Cloud Agents, automations, Bugbot, and Security Review.

Go to the usage analytics tab in the Cursor dashboard to get started.

 · Changelog

Team Marketplace Updates

Admins can now create a team marketplace without connecting a repository first. Add, remove, and configure install behavior for first-party plugins directly in team marketplace settings.

Plugins bundle capabilities like MCP servers, skills, subagents, rules, and hooks that extend agents with custom functionality. Each plugin can be distributed in one of three ways:

  1. Default Off: users can discover and opt in
  2. Default On: users get the plugin installed by default, but can opt out
  3. Required: users always have the plugin and cannot uninstall it

Get started in the Cursor dashboard.

 · Changelog

Cursor Security Review

Cursor Security Review is now in beta on Teams and Enterprise plans. You can run two types of always-on security agents: Security Reviewer and Vulnerability Scanner.

Security Reviewer

Security Reviewer checks every PR for security vulnerabilities, auth regressions, privacy and data-handling risks, agent tool auto-approvals, and prompt injection attacks. It will leave inline comments at the exact diff location with severity and remediation.

Security Reviewer leaving inline comments on a pull request diff.

Vulnerability Scanner

Vulnerability Scanner runs scheduled scans of your codebase to check for known vulnerabilities, outdated dependencies, and configuration issues. You can configure it to send updates of its findings in Slack.

Vulnerability Scanner findings and scheduled scans in Cursor.

Customize Cursor-managed security agents by adjusting triggers, adding your own instructions, giving them custom tooling, and choosing how outputs are shared. For example, you can plug in MCP servers for your existing SAST, SCA, and secrets scanners for Cursor to use as part of the review.

We're also continuously improving the runtime, harness, and models powering Cursor Security Review for a strong out-of-the-box experience.

Security agents draw from your existing usage pool. Admins can enable Security Review in the Cursor dashboard to get started.