Prove what Cursor's agents did inside your own infrastructure.
Your engineers run Cursor's self-hosted cloud agents at full speed on workers inside your network. Probity wraps each worker session in a per-task microVM and signs a tamper-evident record of every action, collected from outside the agent's reach and streamed to the SIEM your security team already runs.
Cursor's agents execute on your workers, with your credentials.
Cursor keeps orchestration in its cloud, but every terminal command, file edit and browser action runs on a worker inside your network, with access to your caches, dependencies and internal endpoints. The only account of what the worker did is the agent's own.
Workers reach the same internal services your engineers do.
It can build, test and push against your real infrastructure.
The agent's own logs are the only record of what ran.
Drop Probity in as the host for your self-hosted worker.
Grounded in the vendor's own documentation, not a bolt-on. Cursor's self-hosted agents docs ↗
Keep Cursor's orchestration in the cloud
Cursor's agent loop, inference and planning, stays in Cursor's cloud. The self-hosted worker executes every tool call inside your network over an outbound HTTPS connection. Probity changes none of that orchestration.
Run each worker session in a Probity microVM
Start the agent worker process inside a Probity per-session microVM with a host sensor the agent cannot see or reach. Every process, file read/write, network egress and MCP call is captured from the host. Single-use workers make each session its own record.
Ship one signed record per session
Each Cloud Agent session becomes a signed, append-only record and streams to the SIEM and object store you already run, supporting incident review and applicable Article 12 or NYDFS evidence controls.
Your engineers keep shipping. Your security team can prove it.
- Run self-hosted Cloud Agents at full autonomy, in parallel.
- Code, secrets and build artifacts stay on your own workers.
- No change to how your team triggers agents from Slack, GitHub or Linear.
- A tamper-evident record of every worker session, collected from the host.
- Streams to the SIEM you already run, no new console.
- Incident-ready and retained for applicable Article 12 or NYDFS evidence controls.
Every Cursor agent session, fully recorded.
Seven classes of behavioral evidence per Cursor Cloud Agent session, protected by one tamper-evident integrity chain.
Process activity
Every spawn, argument, and exit code.
File reads
Every path opened, secrets included.
File writes
Every file created or modified.
Network calls
Every outbound destination and method.
MCP tool calls
Every tool the agent invoked.
Syscall surface
The kernel calls it was allowed.
Session identity
Which scoped token, expiring per task.
One signed record per Cursor agent session, streamed to the SIEM and object store you already run.
Your Cursor agent trail has to survive an audit.
Article 12 applies to high-risk AI systems, and NYDFS Part 500 applies to covered entities. For every team, a worker log written inside the agent's reach remains an incident and audit gap.
Private beta. Twelve deployments.
Probity is in private beta: the first cohort is limited to twelve deployments, each reviewed and onboarded by a NOFire AI founder.
Questions first? Write to contact@nofire.ai.