Cursor Remote Devbox Control
Cursor added a remote control feature that runs agents on a devbox from any device—even a phone—so teams can standardize agents and development environments centrally. That changes how organizations think about enforcing devbox standards and controlling agent access to repositories and secrets. For teams adopting Cursor, this turns tool provisioning and access policy into an operational decision. (x.com)
Cursor’s new setup means a developer can start an agent on a company devbox and then steer that same machine from the web or a phone instead of opening the code on their own laptop. Cursor says its agents now appear across mobile, web, desktop, Slack, GitHub, and Linear, with the same work visible back in the desktop app. (cursor.com) A devbox is just a prebuilt work machine with the right programming language, package manager, and secret keys already in place. Companies use them so twenty engineers do not spend Monday morning fixing twenty different laptop setups. (cursor.com) Cursor has been moving toward that model for months. In June 2025 it made Background Agent generally available, and in October 2025 it added multi-agent workflows that isolate each agent in its own copy of the codebase to avoid file conflicts. (cursor.com 1) (cursor.com 2) In February 2026, Cursor added “computer use,” which gave each cloud agent its own virtual machine with a terminal, browser, and desktop. Cursor also said users could take over that remote desktop to test changes without checking out the branch locally. (cursor.com 1) (cursor.com 2) The new piece is where that machine can live. Cursor’s “My Machines” docs say cloud agents can run on “a machine you already use,” including a laptop, devbox, or remote virtual machine, instead of only in Cursor-managed infrastructure. (cursor.com) That shifts control from the individual developer to the team that owns the machine image. If the devbox has the approved software development kit, the approved internal tools, and the approved network path to staging, then every agent launched there inherits that exact setup. (cursor.com 1) (cursor.com 2) It also changes where access policy lives. Instead of asking whether one engineer’s laptop has the right repository permissions and secret files, a company can decide which repositories and credentials exist on the shared machine the agent is allowed to use. (cursor.com) (cursor.com) Cursor is already describing this as part of a broader agent workspace, not a one-off mobile trick. Its April 2, 2026 Cursor 3 release says the new Agents Window runs agents across local machines, cloud environments, worktrees, and remote Secure Shell sessions from one interface. (cursor.com) (cursor.com) The company’s own usage shows why it is building around remote execution. Cursor wrote last month that more than 30 percent of the pull requests it merges are now created by agents working autonomously in cloud sandboxes. (cursor.com) Once agents live on centrally managed devboxes, “installing Cursor” stops being the main decision. The real choice becomes which machine images get agent access, which repositories mount there, which secrets are present, and which teams are allowed to remote-control the result from a browser or phone. (cursor.com) (cursor.com)
