Use when the user asks to "improve my agent", "self-improving agent", "auto-tune my agent", "iterate on my agent prompt", "fix my agent based on test results", "close the loop on agent quality", "auto-improve agent prompt", "use eval results to improve agent", "optimize my prompt based on failures", "rewrite my prompt", or describes agent self-improvement, prompt iteration from run results, or automated agent quality loops. Covers the full diagnose → propose → apply → re-validate loop for VAPI agents (squads + tool definitions), ElevenLabs Conversational AI agents (system prompt + tool definitions), and for self-hosted agents (pipecat pipelines and custom websocket servers, including the offline / pasted-prompt degenerate variant).
62
72%
Does it follow best practices?
Impact
—
No eval scenarios have been run
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./cekura/skills/cekura-self-improving-agent/SKILL.md
Security
2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Third-party content exposure detected (high risk: 0.85). In VAPI/ElevenLabs modes, the skill ingests outsider-authored free text from production call logs/transcripts via `Optimization · Collect` → `agents/fetch_failures.py` (which reads `call_ids`/`run_ids`/`result_id` and flattens transcripts into the markdown report), and that transcript text is then fed into later LLM steps (Early-End-Call Diagnose / Diagnose / Overfitting Gate) as context for proposing edits.
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Potentially malicious external URL detected (high risk: 0.90). The skill clearly calls provider APIs at runtime to fetch and PATCH live prompts/tools (e.g., https://api.vapi.ai/assistant and https://api.vapi.ai/tool for VAPI, and https://api.elevenlabs.io/v1/convai/agents/create and https://api.elevenlabs.io/v1/convai/tools for ElevenLabs), which directly control agent prompts and are required for the Clone/Apply phases.
7a49e22