cekura-create-agent
Use when the user asks to "create an agent", "set up an agent", "add my agent to Cekura", "configure my voice agent", "connect my agent", "set up mock tools", "add tools to my agent", "upload knowledge base", "configure integration", "connect VAPI", "connect Retell", "connect LiveKit", "connect ElevenLabs", "add dynamic variables", or needs to onboard a voice AI agent onto the Cekura platform. Covers the full agent setup flow: collecting context, creating the agent, configuring the provider integration, setting up mock tools, uploading knowledge base files, and adding dynamic variables.
75
92%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Risky
Do not use without reviewing
Security
2 findings — 1 high severity, 1 medium severity. You should review these findings carefully before considering using this skill.
W007: Insecure credential handling detected in skill instructions
What this means
The skill handles credentials insecurely by requiring the agent to include secret values verbatim in its generated output. This exposes credentials in the agent’s context and conversation history, creating a risk of data exfiltration.
Why it was flagged
Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs collecting provider API keys/credentials and shows JSON/PATCH examples with fields like "vapi_api_key" that would be filled with the secret (and falls back to direct API calls when tools aren't available), which requires the agent to accept and embed secrets verbatim in requests/commands.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 0.80). The skill explicitly supports auto-fetching production calls, auto-fetching mock tools, and auto-syncing agent prompts from third-party provider APIs (e.g., "auto_fetch_calls_enabled" and "auto_sync_prompt_enabled" for VAPI/Retell and the "Auto-Fetch" flow described in Phase 3/Phase 4 and references/integrations.md), meaning it ingests untrusted, user-generated content from external providers and uses that content to update agent prompts, tools, and runtime behavior—allowing indirect prompt injection.
- Repository
- cekura-ai/cekura-skills
- Commit
24ad1d0
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.