From ef9deb1151eb1eca231bf26b459abf543b8ccb53 Mon Sep 17 00:00:00 2001 From: Matan Eden <57892946+MatanEden1@users.noreply.github.com> Date: Thu, 4 Jun 2026 12:00:01 +0300 Subject: [PATCH 1/5] Clarify execution mandates for live command usage in JFrog MCP documentation --- .../jfrog/templates/jfrog-mcp-management.md | 20 ++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index 72fd1a7..3bebe07 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -103,10 +103,13 @@ not call `--inspect` — go to "Listing MCPs > Available to install" instead, show the catalog, have them pick, then come back to Step 2 with the chosen name. -Once you have a name, run a SINGLE command — no Fetch/WebFetch, no -custom curl/Python, no direct JFrog API calls: +Once you have a name, you must fetch its live details. -``` +**STRICT LIVE EXECUTION MANDATE:** Every time the user asks for details, parameters, configuration, or an inspection of a specific MCP, you **MUST** physically run the terminal command below. **NEVER** reuse, assume, or copy configuration payloads from previous chat turns or context history, as the underlying configuration or headers may have changed. A fresh, live execution tool call is mandatory for every single inquiry. + +Run EXACTLY this command — no Fetch/WebFetch, no custom curl/Python, no direct JFrog API calls: + +```bash npx --yes \ --registry \ @jfrog/mcp-gateway \ @@ -310,10 +313,17 @@ elsewhere. any existing `mcpServers` entry or pre-installed gateway — `npx --yes` fetches the gateway on demand, so this works on a fresh machine too. -2. Run EXACTLY this command — `--server` and `--project` are + +2. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks to see available MCPs, + the catalog, or what can be installed, you **MUST** physically run the terminal + command below. **NEVER** copy, reuse, or re-display lists from previous turns + or context history, even if the request was made just moments ago. A fresh, + live execution tool call is mandatory for every single inquiry. + +3. Run EXACTLY this command — `--server` and `--project` are passed as CLI flags, **no env vars needed**: -``` +```bash npx --yes \ --registry \ @jfrog/mcp-gateway \ From 0ac7e59e7deb8557a96a07d99ab7edf793b79b88 Mon Sep 17 00:00:00 2001 From: Matan Eden <57892946+MatanEden1@users.noreply.github.com> Date: Thu, 4 Jun 2026 17:10:10 +0300 Subject: [PATCH 2/5] Restore STRICT LIVE EXECUTION MANDATE block dropped in merge The main merge conflict resolution dropped the STRICT live-execution block from the "Available to install" step. Re-add it while keeping main's server-config clarification and agent-guard rename. Co-Authored-By: Claude Opus 4.8 (1M context) --- plugins/jfrog/templates/jfrog-mcp-management.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index c0c840a..1475baf 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -328,7 +328,14 @@ elsewhere. any existing `mcpServers` entry or pre-installed gateway — `npx --yes` fetches the gateway on demand, so this works on a fresh machine too. -2. Run EXACTLY this command — `--project` is passed as a CLI flag + +2. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks to see available MCPs, + the catalog, or what can be installed, you **MUST** physically run the terminal + command below. **NEVER** copy, reuse, or re-display lists from previous turns + or context history, even if the request was made just moments ago. A fresh, + live execution tool call is mandatory for every single inquiry. + +3. Run EXACTLY this command — `--project` is passed as a CLI flag To configure the server, either use the serverId from a jf cli config with `--server` or omit `--server` if env vars are used to configure URL and Access Token. **no additional env vars needed**: @@ -345,7 +352,7 @@ npx --yes \ Output is a JSON array; each element has `name`, `packageName`, `description`, `type`, `packageVersion`, optional `env[]`. -3. Filter out any `packageName` already present in the installed list +4. Filter out any `packageName` already present in the installed list (compare against `mcp=` in `_JF_ARGS`). Mark the rest as available to install. From 38c9ed18210a2406d9d5397a5845384d62bdc14b Mon Sep 17 00:00:00 2001 From: Matan Eden <57892946+MatanEden1@users.noreply.github.com> Date: Sun, 7 Jun 2026 11:17:32 +0300 Subject: [PATCH 3/5] Strip trailing whitespace from STRICT mandate lines Addresses AI review nit: trailing spaces on added lines (two trailing spaces render as a hard
in markdown). Co-Authored-By: Claude Opus 4.8 (1M context) --- plugins/jfrog/templates/jfrog-mcp-management.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index 1475baf..e593b6d 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -121,7 +121,7 @@ not call `--inspect` — go to "Listing MCPs > Available to install" instead, show the catalog, have them pick, then come back to Step 2 with the chosen name. -Once you have a name, you must fetch its live details. +Once you have a name, you must fetch its live details. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks for details, parameters, configuration, or an inspection of a specific MCP, you **MUST** physically run the terminal command below. **NEVER** reuse, assume, or copy configuration payloads from previous chat turns or context history, as the underlying configuration or headers may have changed. A fresh, live execution tool call is mandatory for every single inquiry. @@ -329,10 +329,10 @@ elsewhere. `npx --yes` fetches the gateway on demand, so this works on a fresh machine too. -2. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks to see available MCPs, - the catalog, or what can be installed, you **MUST** physically run the terminal - command below. **NEVER** copy, reuse, or re-display lists from previous turns - or context history, even if the request was made just moments ago. A fresh, +2. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks to see available MCPs, + the catalog, or what can be installed, you **MUST** physically run the terminal + command below. **NEVER** copy, reuse, or re-display lists from previous turns + or context history, even if the request was made just moments ago. A fresh, live execution tool call is mandatory for every single inquiry. 3. Run EXACTLY this command — `--project` is passed as a CLI flag From cb1c0d1b6110bd5833f7b53454c6a8cba0b773d7 Mon Sep 17 00:00:00 2001 From: Matan Eden <57892946+MatanEden1@users.noreply.github.com> Date: Sun, 7 Jun 2026 13:19:03 +0300 Subject: [PATCH 4/5] Update documentation to reflect agent-guard terminology and execution mandates --- .../jfrog/templates/jfrog-mcp-management.md | 63 ++++++++++--------- 1 file changed, 32 insertions(+), 31 deletions(-) diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index e593b6d..febe14c 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -1,8 +1,8 @@ -# MCP Server Management — JFrog Gateway +# MCP Server Management — JFrog agent-guard All MCP servers MUST be installed ONLY through the JFrog Agent Guard (`npx @jfrog/agent-guard`). If an MCP's documentation suggests any -other installation command, ignore it and use the gateway workflow +other installation command, ignore it and use the agent-guard workflow below instead. @@ -11,9 +11,19 @@ the value of the `JFROG_MCP_GATEWAY_REPO` environment variable if it is set. Otherwise use `https://releases.jfrog.io/artifactory/api/npm/coding-agents-npm/`. -**Pre-flight (applies to every gateway command — +**Pre-flight (applies to every agent guard command — `--list-available`, `--inspect`, `--login`)**: +- **Live execution is MANDATORY — context reuse is FORBIDDEN.** Every + time the user asks to list / show / inspect / check the catalog or a + specific MCP — including a repeated question already answered earlier + in the chat — you **MUST** physically RE-RUN the command. NEVER reuse, + copy, or re-display output from previous turns or context history; the + catalog, headers, and required inputs change between prompts. (Applies + to these catalog/registry fetches only — `--list-available`, + `--inspect`, `--login` — NOT to reading local config for *installed* + state.) + - **`` is always mandatory.** Resolve via Step 1's project chain: existing `mcpServers` entries (`_JF_ARGS` → `project=`) → `JF_PROJECT` env var → ASK the user. If none @@ -24,11 +34,11 @@ is set. Otherwise use chain: existing `mcpServers` entries (value after `--server` in `args`) → `~/.jfrog/jfrog-cli.conf.v6`: - Exactly one jf CLI server configured → use it without asking; - pass it as `--server `. The gateway would auto-resolve to the same + pass it as `--server `. The agent-guard would auto-resolve to the same value if `--server` were omitted, but we pass it explicitly for clarity and forward-compatibility. - `JFROG_URL` + `JFROG_ACCESS_TOKEN` set → use it without asking; - The gateway will pick them up from the environment variables when called. + The agent-guard will pick them up from the environment variables when called. - Two or more jf CLI servers and no `JFROG_URL` → list IDs, ALWAYS ASK the user which one, then pass that as `--server `. ALWAYS prefer environment variables when set over asking. @@ -77,8 +87,8 @@ unless absolutely necessary: or `~/.cursor/mcp.json` (user) — take the value after `--server` in `args`. 2. Else `JFROG_URL` env var set (with `JFROG_ACCESS_TOKEN`) — the - gateway can resolve credentials from these directly; - DO NOT pass `--server` as that would make the gateway try to + agent-guard can resolve credentials from these directly; + DO NOT pass `--server` as that would make the agent-guard try to parse the server details from the jf cli configuration. 3. Else read `~/.jfrog/jfrog-cli.conf.v6` (`%USERPROFILE%\.jfrog\jfrog-cli.conf.v6` on Windows) via a @@ -93,7 +103,7 @@ unless absolutely necessary: NEVER try multiple servers — pick one. Once chosen, pass it If a server from the jf cli configuration is supposed to be used: -Always explicitly as `--server ` in every gateway invocation. +Always explicitly as `--server ` in every agent-guard invocation. Otherwise, if environment variables for `JFROG_URL` and `JFROG_ACCESS_TOKEN` are used: Do NOT pass `--server ` @@ -123,8 +133,6 @@ with the chosen name. Once you have a name, you must fetch its live details. -**STRICT LIVE EXECUTION MANDATE:** Every time the user asks for details, parameters, configuration, or an inspection of a specific MCP, you **MUST** physically run the terminal command below. **NEVER** reuse, assume, or copy configuration payloads from previous chat turns or context history, as the underlying configuration or headers may have changed. A fresh, live execution tool call is mandatory for every single inquiry. - Run EXACTLY this command — no Fetch/WebFetch, no custom curl/Python, no direct JFrog API calls: ```bash @@ -194,7 +202,7 @@ Add the entry under `mcpServers` in the target config (default `@jfrog/agent-guard`** or `npx` falls back to the default registry (404) and may block on a no-TTY prompt. Use `"type": "stdio"` — never `"http"`, `"sse"`, or a top-level `"url"` -(those bypass the gateway). +(those bypass the agent-guard). ```json { @@ -221,7 +229,7 @@ registry (404) and may block on a no-TTY prompt. Use Notes: -- If a required `${env:VAR}` is unset, the gateway fails at startup. +- If a required `${env:VAR}` is unset, the agent-guard fails at startup. Confirm the user exported it before they restart. If any env vars are missing, ASK the user to export them and restart Cursor. - For `Bearer`-prefixed headers, either include the prefix in the env @@ -325,17 +333,10 @@ elsewhere. 1. Determine **server** and **project** per the Pre-flight rule at the top of this document. `--list-available` does NOT require - any existing `mcpServers` entry or pre-installed gateway — - `npx --yes` fetches the gateway on demand, so this works on a + any existing `mcpServers` entry or pre-installed agent-guard — + `npx --yes` fetches the agent-guard on demand, so this works on a fresh machine too. - -2. **STRICT LIVE EXECUTION MANDATE:** Every time the user asks to see available MCPs, - the catalog, or what can be installed, you **MUST** physically run the terminal - command below. **NEVER** copy, reuse, or re-display lists from previous turns - or context history, even if the request was made just moments ago. A fresh, - live execution tool call is mandatory for every single inquiry. - -3. Run EXACTLY this command — `--project` is passed as a CLI flag +2. Run EXACTLY this command — `--project` is passed as a CLI flag To configure the server, either use the serverId from a jf cli config with `--server` or omit `--server` if env vars are used to configure URL and Access Token. **no additional env vars needed**: @@ -352,19 +353,19 @@ npx --yes \ Output is a JSON array; each element has `name`, `packageName`, `description`, `type`, `packageVersion`, optional `env[]`. -4. Filter out any `packageName` already present in the installed list +3. Filter out any `packageName` already present in the installed list (compare against `mcp=` in `_JF_ARGS`). Mark the rest as available to install. ## Key Rules - **`npx` arg order:** `--yes`, `--registry `, - `@jfrog/agent-guard`, then gateway flags. Both `--yes` and + `@jfrog/agent-guard`, then agent-guard flags. Both `--yes` and `--registry` MUST precede the package name or `npx` falls back to the default registry (404) and may block on a no-TTY prompt. - **Always `"type": "stdio"`** pointing at `npx @jfrog/agent-guard`, - even for remote-only catalog MCPs (the gateway proxies them). - `"http"`, `"sse"`, or a top-level `"url"` bypass the gateway. + even for remote-only catalog MCPs (the agent-guard proxies them). + `"http"`, `"sse"`, or a top-level `"url"` bypass the agent-guard. - `_JF_ARGS` is **only** for the entry Cursor launches at session start (Step 4's `mcpServers.*.env`); MUST contain `project=&mcp=`. @@ -377,7 +378,7 @@ Output is a JSON array; each element has `name`, `packageName`, NEVER invent or guess projects or server IDs. - Package name MUST come from the catalog (`--inspect` / `--list-available`). NEVER guess. NEVER install MCPs outside the - gateway. NEVER use Fetch/WebFetch for catalog calls. + agent-guard. NEVER use Fetch/WebFetch for catalog calls. - NEVER write a raw secret into `mcp.json` — always use `${env:VAR_NAME}`. NEVER show tokens / API keys. - NEVER try multiple servers — ask the user to pick one. @@ -385,25 +386,25 @@ Output is a JSON array; each element has `name`, `packageName`, ## Troubleshooting - **`ready` but 0 tools (empty `mcps//tools/` after a - Command Palette `Developer: Reload Window`)** — gateway proxy + Command Palette `Developer: Reload Window`)** — agent-guard proxy started, upstream MCP did not. The top-level `ready` label is misleading here. NEVER report success when there are 0 tools. 1. Open Cursor's MCP / Output panel for the - gateway stderr; diagnose by MCP type: + agent-guard stderr; diagnose by MCP type: - **OAuth (remote)** — re-run Step 5 (`--login`); refresh token likely expired. - **Static-token (remote)** — confirm every `${env:VAR}` in `env` is exported in the shell that launched Cursor and the token is still valid. - **Local (stdio)** — check that the bundled binary actually - launched (gateway stderr will show the spawn error). + launched (agent-guard stderr will show the spawn error). 2. Verify that the mcp server is still allowed. See "Listing MCPs > Available to install". - **`mcp.json` server missing from `cursor agent mcp list` / Tools & MCP** — never enabled. Re-run Step 4a (`cursor agent mcp enable `); if the entry is brand-new, also `Developer: Reload Window` so Cursor picks up the file. -- **Gateway: `multiple/no JFrog server configured`** (the gateway +- **Gateway: `multiple/no JFrog server configured`** (the agent-guard cannot pick a JFrog server) — pass `--server ` (after `jf c add `) OR export both `JFROG_URL` and `JFROG_ACCESS_TOKEN` in the launching shell, then relaunch Cursor. From 39879e4550d8b34c5e3ec3e3543b735744df00f5 Mon Sep 17 00:00:00 2001 From: Matan Eden <57892946+MatanEden1@users.noreply.github.com> Date: Sun, 7 Jun 2026 14:08:49 +0300 Subject: [PATCH 5/5] Address review: consolidate live-execution mandate + agent guard rename - Move the live-execution mandate into a single Pre-flight rule and remove the duplicated STRICT blocks from Step 2 and Available-to-install. - Exclude --login from the re-run scope (re-running it re-opens the OAuth browser); the Pre-flight header keeps --login for project/server resolution. - Rename remaining prose "gateway" -> "agent guard" (title, body, troubleshooting label); keep the @jfrog/agent-guard package name. - Make shell code fences consistent (plain ```), strip trailing whitespace on touched lines. Co-Authored-By: Claude Opus 4.8 (1M context) --- .../jfrog/templates/jfrog-mcp-management.md | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/plugins/jfrog/templates/jfrog-mcp-management.md b/plugins/jfrog/templates/jfrog-mcp-management.md index febe14c..69add41 100644 --- a/plugins/jfrog/templates/jfrog-mcp-management.md +++ b/plugins/jfrog/templates/jfrog-mcp-management.md @@ -1,8 +1,8 @@ -# MCP Server Management — JFrog agent-guard +# MCP Server Management — JFrog Agent Guard All MCP servers MUST be installed ONLY through the JFrog Agent Guard (`npx @jfrog/agent-guard`). If an MCP's documentation suggests any -other installation command, ignore it and use the agent-guard workflow +other installation command, ignore it and use the agent guard workflow below instead. @@ -20,9 +20,9 @@ is set. Otherwise use in the chat — you **MUST** physically RE-RUN the command. NEVER reuse, copy, or re-display output from previous turns or context history; the catalog, headers, and required inputs change between prompts. (Applies - to these catalog/registry fetches only — `--list-available`, - `--inspect`, `--login` — NOT to reading local config for *installed* - state.) + to these catalog/registry fetches only — `--list-available` and + `--inspect`; NOT `--login`, which would re-open the OAuth browser, and + NOT reading local config for *installed* state.) - **`` is always mandatory.** Resolve via Step 1's project chain: existing `mcpServers` entries (`_JF_ARGS` → @@ -34,11 +34,11 @@ is set. Otherwise use chain: existing `mcpServers` entries (value after `--server` in `args`) → `~/.jfrog/jfrog-cli.conf.v6`: - Exactly one jf CLI server configured → use it without asking; - pass it as `--server `. The agent-guard would auto-resolve to the same + pass it as `--server `. The agent guard would auto-resolve to the same value if `--server` were omitted, but we pass it explicitly for clarity and forward-compatibility. - `JFROG_URL` + `JFROG_ACCESS_TOKEN` set → use it without asking; - The agent-guard will pick them up from the environment variables when called. + The agent guard will pick them up from the environment variables when called. - Two or more jf CLI servers and no `JFROG_URL` → list IDs, ALWAYS ASK the user which one, then pass that as `--server `. ALWAYS prefer environment variables when set over asking. @@ -87,8 +87,8 @@ unless absolutely necessary: or `~/.cursor/mcp.json` (user) — take the value after `--server` in `args`. 2. Else `JFROG_URL` env var set (with `JFROG_ACCESS_TOKEN`) — the - agent-guard can resolve credentials from these directly; - DO NOT pass `--server` as that would make the agent-guard try to + agent guard can resolve credentials from these directly; + DO NOT pass `--server` as that would make the agent guard try to parse the server details from the jf cli configuration. 3. Else read `~/.jfrog/jfrog-cli.conf.v6` (`%USERPROFILE%\.jfrog\jfrog-cli.conf.v6` on Windows) via a @@ -103,7 +103,7 @@ unless absolutely necessary: NEVER try multiple servers — pick one. Once chosen, pass it If a server from the jf cli configuration is supposed to be used: -Always explicitly as `--server ` in every agent-guard invocation. +Always explicitly as `--server ` in every agent guard invocation. Otherwise, if environment variables for `JFROG_URL` and `JFROG_ACCESS_TOKEN` are used: Do NOT pass `--server ` @@ -135,7 +135,7 @@ Once you have a name, you must fetch its live details. Run EXACTLY this command — no Fetch/WebFetch, no custom curl/Python, no direct JFrog API calls: -```bash +``` npx --yes \ --registry \ @jfrog/agent-guard \ @@ -202,7 +202,7 @@ Add the entry under `mcpServers` in the target config (default `@jfrog/agent-guard`** or `npx` falls back to the default registry (404) and may block on a no-TTY prompt. Use `"type": "stdio"` — never `"http"`, `"sse"`, or a top-level `"url"` -(those bypass the agent-guard). +(those bypass the agent guard). ```json { @@ -229,7 +229,7 @@ registry (404) and may block on a no-TTY prompt. Use Notes: -- If a required `${env:VAR}` is unset, the agent-guard fails at startup. +- If a required `${env:VAR}` is unset, the agent guard fails at startup. Confirm the user exported it before they restart. If any env vars are missing, ASK the user to export them and restart Cursor. - For `Bearer`-prefixed headers, either include the prefix in the env @@ -333,15 +333,15 @@ elsewhere. 1. Determine **server** and **project** per the Pre-flight rule at the top of this document. `--list-available` does NOT require - any existing `mcpServers` entry or pre-installed agent-guard — - `npx --yes` fetches the agent-guard on demand, so this works on a + any existing `mcpServers` entry or pre-installed agent guard — + `npx --yes` fetches the agent guard on demand, so this works on a fresh machine too. 2. Run EXACTLY this command — `--project` is passed as a CLI flag To configure the server, either use the serverId from a jf cli config with `--server` or omit `--server` if env vars are used to configure URL and Access Token. **no additional env vars needed**: -```bash +``` npx --yes \ --registry \ @jfrog/agent-guard \ @@ -360,12 +360,12 @@ Output is a JSON array; each element has `name`, `packageName`, ## Key Rules - **`npx` arg order:** `--yes`, `--registry `, - `@jfrog/agent-guard`, then agent-guard flags. Both `--yes` and + `@jfrog/agent-guard`, then agent guard flags. Both `--yes` and `--registry` MUST precede the package name or `npx` falls back to the default registry (404) and may block on a no-TTY prompt. - **Always `"type": "stdio"`** pointing at `npx @jfrog/agent-guard`, - even for remote-only catalog MCPs (the agent-guard proxies them). - `"http"`, `"sse"`, or a top-level `"url"` bypass the agent-guard. + even for remote-only catalog MCPs (the agent guard proxies them). + `"http"`, `"sse"`, or a top-level `"url"` bypass the agent guard. - `_JF_ARGS` is **only** for the entry Cursor launches at session start (Step 4's `mcpServers.*.env`); MUST contain `project=&mcp=`. @@ -378,7 +378,7 @@ Output is a JSON array; each element has `name`, `packageName`, NEVER invent or guess projects or server IDs. - Package name MUST come from the catalog (`--inspect` / `--list-available`). NEVER guess. NEVER install MCPs outside the - agent-guard. NEVER use Fetch/WebFetch for catalog calls. + agent guard. NEVER use Fetch/WebFetch for catalog calls. - NEVER write a raw secret into `mcp.json` — always use `${env:VAR_NAME}`. NEVER show tokens / API keys. - NEVER try multiple servers — ask the user to pick one. @@ -386,25 +386,25 @@ Output is a JSON array; each element has `name`, `packageName`, ## Troubleshooting - **`ready` but 0 tools (empty `mcps//tools/` after a - Command Palette `Developer: Reload Window`)** — agent-guard proxy - started, upstream MCP did not. The top-level `ready` label is - misleading here. NEVER report success when there are 0 tools. + Command Palette `Developer: Reload Window`)** — agent guard proxy + started, upstream MCP did not. The top-level `ready` label is + misleading here. NEVER report success when there are 0 tools. 1. Open Cursor's MCP / Output panel for the - agent-guard stderr; diagnose by MCP type: + agent guard stderr; diagnose by MCP type: - **OAuth (remote)** — re-run Step 5 (`--login`); refresh token likely expired. - **Static-token (remote)** — confirm every `${env:VAR}` in `env` is exported in the shell that launched Cursor and the token is still valid. - **Local (stdio)** — check that the bundled binary actually - launched (agent-guard stderr will show the spawn error). + launched (agent guard stderr will show the spawn error). 2. Verify that the mcp server is still allowed. See "Listing MCPs > Available to install". - **`mcp.json` server missing from `cursor agent mcp list` / Tools & MCP** — never enabled. Re-run Step 4a (`cursor agent mcp enable `); if the entry is brand-new, also `Developer: Reload Window` so Cursor picks up the file. -- **Gateway: `multiple/no JFrog server configured`** (the agent-guard +- **Agent Guard: `multiple/no JFrog server configured`** (the agent guard cannot pick a JFrog server) — pass `--server ` (after `jf c add `) OR export both `JFROG_URL` and `JFROG_ACCESS_TOKEN` in the launching shell, then relaunch Cursor.