Skills
skills/cekura-ai/cekura-skills/cekura-self-improving-agent/Gen Agent Trust Hub

cekura-self-improving-agent

Warn

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill implements a redeploy_command feature that executes user-supplied shell commands via the Bash tool. Documentation examples include high-privilege operations like sudo systemctl restart for service management.
  • [COMMAND_EXECUTION]: In its self-hosted mode, the skill uses the Edit tool to modify the user's local source code. This includes 'orchestration-code' edits that can alter message loops, history management, and connection logic.
  • [PROMPT_INJECTION]: The skill processes transcripts from external interactions, which introduces an indirect prompt injection surface. The Overfitting Gate phase acts as a mitigation by scanning and scrubbing proposed edits for transcript-derived phrasing.
  • [DATA_EXFILTRATION]: The operational model involves handling sensitive API keys and reading local project files. Although used for legitimate integration, this represents a significant data access surface.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 14, 2026, 04:16 PM