Problem
The project requires three environment secrets for deployment:
CURSOR_BACKEND_BASE_URLCURSOR_CHAT_ENDPOINTCURSOR_LOCAL_AGENT_ENDPOINT
However, the correct values are not documented anywhere. The .env.example and README.md contain only placeholders like "private-cursor-backend-origin" and "private-cursor-chat-endpoint". The AGENTS.md explicitly prohibits committing them, and the values have never appeared in the git history.
What we tried
- Searched the codebase — no hardcoded values, only env var references.
- Inspected
@cursor/sdk — found https://api2.cursor.sh as default backend and agent.v1.AgentService proto definitions, but these don't match the chat endpoint.
- mitmproxy on macOS — Cursor's chat streaming uses native HTTP/2 connections that bypass
HTTPS_PROXY. Only metadata RPCs were captured (GetTeams, AvailableModels, etc.).
- Searched Cursor's bundled JS files — the chat endpoint path is constructed dynamically at runtime, not present as a string literal.
- Wireshark with SSLKEYLOGFILE — Cursor's native process doesn't respect it, so TLS decryption failed.
Result
Setting CURSOR_BACKEND_BASE_URL=https://api2.cursor.sh and guessing the chat endpoint path results in:
parse binary: illegal tag: field no 0 wire type 0
This confirms the guessed path returns non-protobuf content.
Request
Could you please document how self-hosters can obtain the correct values for these three secrets? Even a pointer in the right direction would be very helpful.
Thank you for this great project!
Problem
The project requires three environment secrets for deployment:
CURSOR_BACKEND_BASE_URLCURSOR_CHAT_ENDPOINTCURSOR_LOCAL_AGENT_ENDPOINTHowever, the correct values are not documented anywhere. The
.env.exampleandREADME.mdcontain only placeholders like"private-cursor-backend-origin"and"private-cursor-chat-endpoint". TheAGENTS.mdexplicitly prohibits committing them, and the values have never appeared in the git history.What we tried
@cursor/sdk— foundhttps://api2.cursor.shas default backend andagent.v1.AgentServiceproto definitions, but these don't match the chat endpoint.HTTPS_PROXY. Only metadata RPCs were captured (GetTeams,AvailableModels, etc.).Result
Setting
CURSOR_BACKEND_BASE_URL=https://api2.cursor.shand guessing the chat endpoint path results in:This confirms the guessed path returns non-protobuf content.
Request
Could you please document how self-hosters can obtain the correct values for these three secrets? Even a pointer in the right direction would be very helpful.
Thank you for this great project!