JFrog Platform integration for Cursor — artifact management, security scanning, and supply-chain best practices powered by the JFrog MCP Server.
| Component | Path | Description |
|---|---|---|
| MCP | plugins/jfrog/mcp.json |
Remote JFrog MCP server (OAuth, no API keys) |
| Skills | plugins/jfrog/skills/ |
11 AI skills covering Artifactory, Security, Access, CLI, Curation, Distribution, AppTrust, Runtime, Mission Control, Workers, and Patterns |
| Rule | plugins/jfrog/rules/jfrog-security.mdc |
Supply-chain security practices for dependency files |
| Agent | plugins/jfrog/agents/supply-chain-security.md |
Dependency audit for CVEs, licenses, and curation |
- JFrog Platform access (Cloud or self-hosted).
- An admin enables the JFrog MCP Server on the platform (Cloud/SaaS only):
- Administration > General > Settings > MCP Server → toggle ON.
- Each developer configures Cursor with their JFrog Platform URL (see Setup).
- JFrog CLI (
jf) is used by several skills for authentication and REST API operations. It will be installed automatically if missing. Install manually viabrew install jfrog-clior the official install script.
- Install the plugin in Cursor.
- Set the
JFROG_PLATFORM_URLenvironment variable to your JFrog instance (e.g.mycompany.jfrog.io). - Restart Cursor. An OAuth window opens in your browser — authorize access.
No manual tokens or API keys are required. MCP workflows use OAuth; CLI/REST-based skills authenticate automatically via jf config browser login.
node scripts/validate-template.mjs