Chainguard and Cursor team up to close the software supply chain trust gap with secure-by-default artifacts for teams building with AI
Chainguard, the trusted provider of open source solutions, has announced a partnership with Cursor, the leading multi-model AI coding platform, to secure the next generation of agentic software development. Through this collaboration, Chainguard provides a trust layer for open source artifacts for Cursor, ensuring images and libraries are malware-resistant and secure-by-default. Joint customers can now safely scale AI-driven development without open source artifacts exposing them to unneeded risk in production environments.
The growing risk in agentic development
Nearly 84% of developers already use AI agents for software development, and that number continues to rise. However, these systems rely on the same public registries, such as PyPI, Maven Central, and npm, that have been repeatedly targeted in supply chain attacks. Recent attacks against popular open source projects like Trivy, LiteLLM, telnyx, and axios, and the waves of Shai-Hulud–style malware have demonstrated how easily malicious packages can spread to millions of developers and systems.
Supply chain attacks expose cloud credentials, API keys, and sensitive tokens, halting development and introducing significant operational, financial, and brand risk. In an agentic model, dependency selection happens programmatically at scale, without the manual review processes that traditionally served as a safety net. Organisations without a secure-by-default solution risk introducing compromised artifacts directly into production pipelines, leading to security incidents, operational disruption, stolen assets, and loss of developer productivity.
“AI agents are making dependency decisions at a scale and speed no security team can manually review. As organisations adopt agentic development, the biggest blocker is no longer how fast code can be generated – it’s whether that code can be trusted,” said Dan Lorenc, CEO and Co-founder, Chainguard. “Together, Chainguard and Cursor will help ensure that every dependency within AI-generated code comes from a verifiable, secure, and continuously maintained source, so teams can move quickly without introducing unnecessary risk into production. Engineering teams now have a path to move at AI speed without sacrificing security.”
“Partnering with Chainguard is another step in the direction of Cursor enabling secure agentic coding at scale,” said Brian McCarthy, President, Global Revenue and Field Operations, Cursor. “Recent supply chain attacks showcased how bad actors are working to manipulate the public tools and registries we’ve historically relied on to consume open source. With agents writing the majority of code at top businesses around the world, new tools to help ensure the code is trusted, and the ability to review and monitor at speed and scale, creates a safer paradigm.”
A secure-by-default workflow for AI-generated code
With this partnership, Cursor gains seamless access to Chainguard’s catalogue of minimal, zero- to low-CVE container images and malware-resistant language libraries. As Cursor generates application code and selects dependencies, Chainguard ensures that those dependencies are built from verifiable source, continuously building new upstream versions, and delivered with signed attestations. Customers ship to production with confidence that their software supply chain is protected with trusted artifacts.
The partnership introduces strong supply chain protections for joint Chainguard and Cursor customers, including:
- Access to more than 2,300 container images, continuously rebuilt to incorporate upstream patches and zero known CVEs at release time
- Access to millions of Python, JavaScript, and Java libraries versions built exclusively from publicly verifiable source code to proactively prevent malware served in backdoored binaries or install-time scripts
- Verifiable provenance through signed build attestations and reproducible build pipelines
- No changes required to existing developer workflows or tooling
- Automatic configuration and credential management handled directly by Cursor.
Developers can enable the integration through simple natural language instructions, after which Cursor configures project files, manages secrets, and sources dependencies from Chainguard without additional manual setup.
Customers of Chainguard and Cursor can begin building with trusted open source today. Click here to get started.