secrets-hygiene

Cursor Rule

Protect secrets - never read .env or MCP config files that may contain tokens

Simpler, safer way to run MCPs, Skills, and Agents. Discover what's running, enforce security policies in real time, protect secrets, and get full audit trails — all built for how developers actually work in Cursor.

Created by RunlayerVerified by CursorView Source

Rules2

mcp-governanceEnforce MCP governance - prevent shadow MCPs, require approval for server installation

secrets-hygieneProtect secrets - never read .env or MCP config files that may contain tokens

Skills3

mcp-builderBuild production-quality MCP (Model Context Protocol) servers that enable LLMs to interact with external services through well-designed tools. Use this skill when the user wants to create, scaffold, or implement an MCP server for any API or service, in any language. Triggers include requests to "build an MCP server", "create MCP tools", "implement MCP", "add tools for [service]", "connect [service] via MCP", or any task involving MCP server development, tool design, or MCP architecture decisions.

mcp-security-auditAudit MCP server configurations for security risks, shadow servers, and missing governance. Use when the user asks to review MCP security, check for shadow MCPs, audit MCP setup, or verify MCP compliance.

plugin-builderBuild Cursor plugin scaffolds with optional Runlayer MCP integration. Use this skill when the user wants to create a new Cursor plugin, scaffold plugin skills/commands/rules/hooks, or set up MCP connector configurations. Triggers include "create a plugin", "build a plugin", "scaffold a plugin", "new plugin for [domain]", or any task involving Cursor plugin development.

Hooks3

sessionstartHook: sessionStart

beforemcpexecutionHook: beforeMCPExecution

beforereadfileHook: beforeReadFile

Commands2

build-mcpBuild a production-quality MCP server for any API or service

build-pluginScaffold a new Cursor plugin with rules, skills, commands, hooks, and MCP integration