Add MCP integration and Developer Environments skill (v1.2.0)#6
Add MCP integration and Developer Environments skill (v1.2.0)#6scottisloud wants to merge 10 commits into
Conversation
|
Adjusted scope slightly for expected agent behaviours to account for differences in how Cursor Agents work compared to some other agent clients. Ready for review. Testing is a bit fiddly... |
3a7a6e0 to
87be6b7
Compare
Wire the 1Password desktop MCP server into the Cursor plugin manifest, add branding assets, document installation and usage in the README, and ship the 1password-environments agent skill with reference material for import-and-mount workflows.
Block direct .env and MCP doc reads that bypass the skill, nudge agents toward MCP-based imports, and require reading the skill before 1Password MCP tool calls.
87be6b7 to
081607a
Compare
JillRegan
left a comment
There was a problem hiding this comment.
Tested and works as expected! Left some comments.
Another thing I want to mention is the .cmd wrapper on Windows (you'll notice we have this for validate-mounted-env-files which was implemented here). Essentially cursor tries to run the bash hook commands, and without .cmd file it can attempt the bash script and fail badly which opens the file in the editor. The .cmd stub just returns allow since mounts aren’t supported on Windows anyway.
So if on Windows and the plugin is installed and these new hooks execute it will be an unpleasant user experience because the bash scripts will fail and open in the editor. While I don't think we should address in this PR I do think we should work on a quick follow up. But we may need more discussion with the Cursor team to see how other folks are handling this, as a .cmd file for every hook is not ideal.
|
Confirmed, Cursor seems to not have recognized it was failing to correctly load the plugin while I was developing it. As as a result, it implemented a TON of additional scaffolding that isn't required. I'll make local changes to the marketplace-installed version of the plugin (which Cursor abides by) so I can accurately assess what's required for the desired behaviour, pull out what isn't, and port that over here. |
Remove MCP skill-read gates, doc-deny hooks, import nudges, and the agent rule. Update SKILL.md, reference.md, and README to document only what the plugin ships. Co-authored-by: Cursor <cursoragent@cursor.com>
Bring over duplicate environment name handling in the skill, richer plugin manifest description, and simplified hooks.json from mcp-plugin-test-marketplace. Co-authored-by: Cursor <cursoragent@cursor.com>
| ### Step 2: Install the plugin | ||
|
|
||
| Install from the [Cursor Marketplace](https://cursor.com/marketplace): | ||
| Install from the [Cursor Marketplace](https://cursor.com/marketplace). This registers hooks, the `1password-environments` agent skill, and `mcp.json` together. Do not add the 1Password MCP server manually in user settings instead of installing the plugin — agents will get MCP tools without the skill workflow. |
There was a problem hiding this comment.
Does this just mean they'll get the MCP server only and not the hook? Asking because we have a manual tab in the docs that instructs people to do just this, so I want to make sure nothing else is missing: https://www.1password.dev/environments/mcp-server#other
| # 1Password Plugin for Cursor | ||
|
|
||
| The official [1Password](https://1password.com) plugin for [Cursor](https://cursor.com). It brings 1Password's secret management capabilities directly into your editor, helping you develop securely without leaving your workflow. | ||
| The official [1Password](https://1password.com) plugin for [Cursor](https://cursor.com). It ships three pieces that work together: **hooks** that validate locally mounted `.env` files, an **agent skill** with the complete Developer Environment workflow, and **MCP configuration** for the 1Password desktop app server. Secret values stay in 1Password — the agent sees variable names and mount paths, not secret contents. |
There was a problem hiding this comment.
Do we plan on taking this approach for other plugins, or just Cursor? Asking because it takes a different approach than our other MCP server instructions, which are only for the MCP server. The agent skill is also new to me. I'm wondering if we need to rethink our MCP server docs more comprehensively to support this. Alternatively, if it's possible to install the MCP server alone OR install this package, maybe this plugin can have its own, standalone page.
Summary
1passwordCursor plugin at v1.2.0mcp.jsonpointing at the local1password-mcpbinaryskills/1password-environments/SKILL.mdfor agent MCP workflows.gitignoreTest plan
/add-plugin 1passwordor local copybeforeShellExecutionhook appears in Settings → Hooksecho hello); verify allow/deny in Execution Log