No. It uses your own local Cursor Agent installation and account. It does not extract, export, or share credentials.
No. The bridge never reads your keychain, cookies, browser storage, or token files. It just spawns your locally installed Cursor Agent.
Namespacing avoids collisions with Codex/OpenAI model names. Native gpt-* models should keep using Codex's native provider and auth path.
Some Codex custom-provider configs expect a token-shaped field. The bridge ignores Authorization headers and does not forward them.
Not yet. v0.1.0 returns a single final Responses payload after Cursor Agent completes. Streaming should be added only with explicit tests.
It can if Codex, Node, the bridge, and Cursor Agent are reachable in the same environment. Mixed Windows/WSL setups need explicit paths and may be easier from native Windows with agent.cmd.
No. Hosted or multi-user proxy mode is outside the safety boundary.