npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@cdot65/prisma-airs-cursor-hooks

v0.1.3

Published

Cursor IDE hooks integrating Prisma AIRS scanning into the developer workflow

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

cdot65cdot65

Keywords

cursorcursor-hooksprismaairsai-securityprompt-injectiondlpmalicious-codepalo-alto

Readme

Prisma AIRS Cursor Hooks

Cursor IDE hooks that scan prompts and AI responses in real-time using Prisma AI Runtime Security (AIRS). Intercepts prompts before they reach the AI agent and responses before they're displayed, scanning for prompt injections, malicious code, sensitive data leakage, and policy violations.

Built on the @cdot65/prisma-airs-sdk.

How It Works

Developer prompt → beforeSubmitPrompt hook → AIRS Sync API → allow/block
                                                  ↓
                        Cursor AI Agent (if allowed)
                                                  ↓
AI response → afterAgentResponse hook → code extractor → AIRS Sync API → allow/block

Both hooks use Cursor's native hooks.json system. They receive structured JSON on stdin, scan via the AIRS API, and reply on stdout ({ "continue": false } to block prompts, { "permission": "deny" } + exit code 2 to block responses).

Prerequisites

  • Node.js 18+ (native fetch, crypto.randomUUID)
  • Cursor IDE (with hooks support)
  • Prisma AIRS API key and regional endpoint URL
  • AIRS security profiles configured for prompt and response scanning

Install

npm install -g @cdot65/prisma-airs-cursor-hooks

From source? See the Development section below.

Set Environment Variables

Add to your shell profile (~/.zshrc, ~/.bashrc, etc.):

export AIRS_API_KEY=<your-x-pan-token>
export AIRS_API_ENDPOINT=https://service.api.aisecurity.paloaltonetworks.com  # optional, defaults to US
export AIRS_PROMPT_PROFILE=cursor-ide-prompt-profile      # optional
export AIRS_RESPONSE_PROFILE=cursor-ide-response-profile  # optional

Note: Cursor inherits your shell environment, so hooks automatically have access to these variables. Only AIRS_API_KEY is required — endpoint defaults to US and profile names default to cursor-ide-prompt-profile / cursor-ide-response-profile.

Available regional endpoints: | Region | Endpoint | |--------|----------| | US (default) | https://service.api.aisecurity.paloaltonetworks.com | | EU | https://service-de.api.aisecurity.paloaltonetworks.com | | India | https://service-in.api.aisecurity.paloaltonetworks.com | | Singapore | https://service-sg.api.aisecurity.paloaltonetworks.com |

Validate Connectivity

prisma-airs-hooks validate-connection
prisma-airs-hooks validate-detection

Register Hooks in Cursor

prisma-airs-hooks install --global

This writes hooks.json registering two hooks pointing at precompiled JS:

  • beforeSubmitPrompt — scans every prompt before it reaches the AI agent
  • afterAgentResponse — scans every AI response (with code extraction) before display

It also copies airs-config.json to the hooks config directory.

Restart Cursor

Cursor reads hooks.json at startup. Restart Cursor to activate the hooks.

Verify

prisma-airs-hooks verify

Configuration

Runtime config lives at ~/.cursor/hooks/airs-config.json:

{
  "endpoint": "${AIRS_API_ENDPOINT}",
  "apiKeyEnvVar": "AIRS_API_KEY",
  "profiles": {
    "prompt": "cursor-ide-prompt-profile",
    "response": "cursor-ide-response-profile"
  },
  "mode": "observe",
  "timeout_ms": 3000,
  "retry": {
    "enabled": true,
    "max_attempts": 1,
    "backoff_base_ms": 200
  },
  "logging": {
    "path": ".cursor/hooks/airs-scan.log",
    "include_content": false
  },
  "enforcement": {
    "prompt_injection": "block",
    "dlp": "block",
    "malicious_code": "block",
    "url_categorization": "block",
    "toxicity": "block",
    "custom_topic": "block"
  },
  "circuit_breaker": {
    "enabled": true,
    "failure_threshold": 5,
    "cooldown_ms": 60000
  }
}

Modes

| Mode | Behavior | |------|----------| | observe | Log scan results, never block (default — start here) | | enforce | Block prompts/responses that AIRS flags | | bypass | Skip scanning entirely |

Enforcement actions

When mode is enforce, each detection service can be configured independently:

| Action | Behavior | |--------|----------| | block | Prevent the prompt/response from passing through | | mask | Log a warning and allow through (DLP masking) | | allow | Log but allow through |

Circuit breaker

After failure_threshold consecutive AIRS API failures, scanning is temporarily bypassed for cooldown_ms milliseconds. A probe request is sent after cooldown — if it succeeds, scanning resumes normally.

CLI Commands

| Command | Description | |---------|-------------| | prisma-airs-hooks install [--global] | Register hooks in Cursor | | prisma-airs-hooks uninstall [--global] | Remove AIRS hooks from Cursor | | prisma-airs-hooks verify | Check hooks registration and env vars | | prisma-airs-hooks validate-connection | Test AIRS API connectivity | | prisma-airs-hooks validate-detection | Verify prompt injection detection | | prisma-airs-hooks stats [--since 7d] [--json] | Show scan statistics |

Uninstall

prisma-airs-hooks uninstall --global

Removes AIRS entries from hooks.json while preserving other hooks, config, and logs. Restart Cursor after uninstalling.

Development

For contributors or those who want to run from source:

git clone https://github.com/cdot65/prisma-airs-cursor-hooks.git
cd prisma-airs-cursor-hooks
npm install
npm run build

Development commands

| Command | Description | |---------|-------------| | npm run build | Compile hooks to dist/ | | npm test | Run all tests (66 tests across 9 suites) | | npm run typecheck | TypeScript type checking | | npm run test:watch | Run tests in watch mode | | npm run validate-connection | Test AIRS API connectivity | | npm run validate-detection | Verify prompt injection detection | | npm run install-hooks | Write AIRS entries to .cursor/hooks.json | | npm run install-hooks -- --global | Write AIRS entries to ~/.cursor/hooks.json | | npm run uninstall-hooks -- --global | Remove AIRS entries from global hooks.json | | npm run verify-hooks | Check hooks are installed and env vars set | | npm run stats | Show scan statistics from log file |

Development mode

During development you can run hooks directly from TypeScript source without a build step:

{
  "command": "npx tsx \"/path/to/prisma-airs-cursor-hooks/src/hooks/before-submit-prompt.ts\""
}

This adds ~1.5s per hook invocation compared to compiled JS, so switch back to node dist/... for production use.

Project structure

src/                           TypeScript source
  hooks/
    before-submit-prompt.ts    Cursor beforeSubmitPrompt entry point
    after-agent-response.ts    Cursor afterAgentResponse entry point
  cli.ts                       CLI entry point (prisma-airs-hooks command)
  config.ts                    Config loader (project → global fallback)
  airs-client.ts               SDK wrapper with circuit breaker
  scanner.ts                   Scan orchestration + DLP masking + UX messages
  code-extractor.ts            Separates code from natural language
  logger.ts                    JSON Lines logging with rotation
  circuit-breaker.ts           Failure tracking with cooldown bypass
  dlp-masking.ts               Per-service enforcement actions
  log-rotation.ts              Rotate logs at 10MB
  types.ts                     TypeScript interfaces
  adapters/                    Multi-IDE adapter layer
dist/                          Compiled JS (production hooks point here)
scripts/
  install-hooks.ts             Write .cursor/hooks.json (points at dist/)
  uninstall-hooks.ts           Remove AIRS entries from hooks.json
  verify-hooks.ts              Tamper detection
  validate-connection.ts       Test AIRS connectivity
  validate-detection.ts        Verify detection works
  airs-stats.ts                Scan statistics CLI
test/
  9 test suites, 66 tests (incl. compiled JS integration tests)

License

MIT