Chainguard Partners with Cursor to Secure AI-Driven Software Supply Chains

New updates have been reported about Chainguard.

Chainguard has entered a strategic partnership with AI coding platform Cursor to embed its secure-by-default open source artifacts into agentic software development workflows, aiming to de-risk how enterprises adopt AI-generated code at scale. Under the deal, Cursor will source container images and language libraries directly from Chainguard’s hardened catalog, adding a verifiable trust layer to the dependencies automatically selected by AI agents.

The move positions Chainguard at the center of a growing security challenge, as most developers now rely on AI agents that pull dependencies from public registries increasingly targeted by supply chain attacks, creating operational, financial, and reputational risk for enterprises. Chainguard will provide more than 2,300 continuously rebuilt, zero–known-CVE container images and millions of Python, JavaScript, and Java library versions built solely from publicly verifiable source, reducing exposure to malware-infected packages and compromised binaries.

All Chainguard artifacts integrated into Cursor will be delivered with signed attestations, reproducible build pipelines, and verifiable provenance, enabling customers to demonstrate stronger compliance and governance over their software supply chains. The integration is designed to be low-friction for engineering teams, requiring no changes to existing developer tools or workflows, with Cursor handling configuration and credential management behind the scenes.

Chainguard CEO and Co-founder Dan Lorenc said the key constraint in agentic development is no longer code generation speed but the trustworthiness of dependencies, and this partnership addresses that bottleneck by ensuring AI-generated code is assembled from secure, continuously maintained components. For Chainguard, the collaboration extends its reach into AI-driven development environments used by large enterprises, reinforcing its positioning as a core infrastructure provider for secure open source while potentially expanding its customer base and recurring revenue footprint.

The partnership is immediately available to joint customers, who can activate the integration through natural language instructions in Cursor, which then routes dependency sourcing to Chainguard’s trusted images and libraries for production workloads. With AI agents expected to write a growing share of enterprise code, the deal strengthens Chainguard’s strategic role in mitigating software supply chain risk, supporting compliance mandates, and protecting sensitive credentials, tokens, and cloud assets from compromise in high-scale development environments.