sbx: add docs for cursor-agent

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>

Author: dvdksn

content/manuals/ai/sandboxes/agents/_index.md

@@ -3,7 +3,7 @@ title: Supported agents
 linkTitle: Agents
 weight: 30
 description: AI coding agents supported by Docker Sandboxes.
-keywords: docker sandboxes, ai agents, claude code, codex, gemini
+keywords: docker sandboxes, ai agents, claude code, codex, cursor, gemini
 ---
 
 {{< summary-bar feature_name="Docker Sandboxes sbx" >}}
@@ -13,6 +13,7 @@ Docker Sandboxes runs the following agents out of the box:
 - [Claude Code](claude-code/)
 - [Codex](codex/)
 - [Copilot](copilot/)
+- [Cursor](cursor/)
 - [Droid](droid/)
 - [Gemini](gemini/)
 - [Kiro](kiro/)

content/manuals/ai/sandboxes/agents/cursor.md

@@ -0,0 +1,79 @@
+---
+title: Cursor
+weight: 33
+description: |
+  Use Cursor in Docker Sandboxes with API key or proxy-managed OAuth
+  authentication.
+keywords: docker sandboxes, cursor, cursor agent, ai agent, sbx
+---
+
+{{< summary-bar feature_name="Docker Sandboxes sbx" >}}
+
+This guide covers authentication, configuration, and usage of Cursor in a
+sandboxed environment.
+
+Official documentation: [Cursor CLI](https://cursor.com/cli)
+
+## Quick start
+
+Create a sandbox and run Cursor for a project directory:
+
+```console
+$ sbx run cursor ~/my-project
+```
+
+The workspace parameter is optional and defaults to the current directory:
+
+```console
+$ cd ~/my-project
+$ sbx run cursor
+```
+
+## Authentication
+
+Cursor supports two authentication methods: an API key or OAuth.
+
+**API key**: Store your Cursor API key using
+[stored secrets](../security/credentials.md#stored-secrets):
+
+```console
+$ sbx secret set -g cursor
+```
+
+Alternatively, export the `CURSOR_API_KEY` environment variable in your shell
+before running the sandbox. See
+[Credentials](../security/credentials.md) for details on both methods.
+
+**OAuth**: If no API key is set, Cursor prompts you to sign in interactively
+on first run. The proxy intercepts the token exchange with
+`api2.cursor.sh/auth/poll`, so credentials are managed by the host and aren't
+stored inside the sandbox.
+
+## Configuration
+
+Sandboxes don't pick up user-level configuration from your host, such as
+`~/.cursor`. Only project-level configuration in the working directory is
+available inside the sandbox. See
+[Why doesn't the sandbox use my user-level agent configuration?](../faq.md#why-doesnt-the-sandbox-use-my-user-level-agent-configuration)
+for workarounds.
+
+Cursor reads `AGENTS.md` from the workspace for agent-specific instructions.
+
+The sandbox runs Cursor in YOLO mode by default, which executes commands
+without approval prompts. Pass additional `cursor-agent` CLI options after
+`--`:
+
+```console
+$ sbx run cursor --name <sandbox-name> -- <cursor-options>
+```
+
+## Base image
+
+Template: `docker/sandbox-templates:cursor-agent-docker`
+
+Preconfigured to run in YOLO mode with HTTP/1.1 and server-sent events for
+agent traffic so requests flow through the host proxy. Authentication state
+is persisted across sandbox restarts.
+
+See [Customize](../customize/) to pre-install tools or customize this
+environment.

content/manuals/ai/sandboxes/customize/templates.md

@@ -44,6 +44,7 @@ CLI, and common development tools like Node.js, Python, Go, and Java.
 | `claude-code-minimal` | Claude Code with a minimal toolset (no Node.js, Python, Go, or Java) |
 | `codex`               | [OpenAI Codex](https://github.com/openai/codex)                      |
 | `copilot`             | [GitHub Copilot](https://github.com/github/copilot-cli)              |
+| `cursor-agent`        | [Cursor](https://cursor.com/cli)                                     |
 | `docker-agent`        | [Docker Agent](https://github.com/docker/docker-agent)               |
 | `droid`               | [Droid](https://www.factory.ai)                                      |
 | `gemini`              | [Gemini CLI](https://github.com/google-gemini/gemini-cli)            |