explainx.ai
workshops ↗
Frontend

kibana-agent-builder

Create, update, delete, inspect, and chat with Agent Builder agents. Create, update, delete, list, and test custom tools

elastic/agent-skillsUpdated Apr 8, 2026

Works with

Claude CodeCursorClineWindsurfCodexGooseGitHub CopilotZed

0

total installs

0

this week

296

GitHub stars

0

upvotes

Install Skill

Run in your terminal

$npx skills add https://github.com/elastic/agent-skills --skill kibana-agent-builder

0

installs

0

this week

296

stars

View on GitHub
kibanaagentbuilder
0 commentsJoin discussion →

What it does

  • (ES|QL, index search, workflow). If the user provided a name, use $ARGUMENTS as the default agent name.

Category

Frontend

Last updated

Apr 8, 2026

Installation Guide

How to use kibana-agent-builder on Cursor

AI-first code editor with Composer

1

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

  • Cursor installed and configured on your machine
  • Node.js 16+ with npm — verify with node --version
  • Active project directory where you want to add kibana-agent-builder
2

Run the install command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/elastic/agent-skills --skill kibana-agent-builder

Fetches kibana-agent-builder from elastic/agent-skills and configures it for Cursor.

3

Select Cursor when prompted

The CLI shows a list of agents. Use arrow keys and space to select Cursor:

◆ Which agents do you want to install to?
│ ── Universal (.agents/skills) ────────────────
│ · Cline · Codex · Goose · Windsurf
│ ●Cursor(selected)
│ · Cursor · Aider · Continue
4

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/kibana-agent-builder

Restart Cursor to activate kibana-agent-builder. Access via /kibana-agent-builder in your agent's command palette.

Security Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.

View source on GitHubSkills CLI docsAbout CursorWhat are agent skills?

Documentation

Manage Agent Builder Agents and Tools in Kibana

Create, update, delete, inspect, and chat with Agent Builder agents. Create, update, delete, list, and test custom tools (ES|QL, index search, workflow). If the user provided a name, use $ARGUMENTS as the default agent name.

Prerequisites

Set these environment variables before running any script:

Variable Required Description
KIBANA_URL Yes Kibana base URL (e.g., https://my-deployment.kb.us-east-1.aws.elastic.cloud)
KIBANA_API_KEY No API key for authentication (preferred)
KIBANA_USERNAME No Username for basic auth (falls back to ELASTICSEARCH_USERNAME)
KIBANA_PASSWORD No Password for basic auth (falls back to ELASTICSEARCH_PASSWORD)
KIBANA_SPACE_ID No Kibana space ID (omit for default space)
KIBANA_INSECURE No Set to true to skip TLS verification

Provide either KIBANA_API_KEY or KIBANA_USERNAME + KIBANA_PASSWORD.

Agent Management

Create an Agent

Step 1: List available tools

node skills/kibana/agent-builder/scripts/agent-builder.js list-tools

If the script reports a connection error, stop and tell the user to verify their KIBANA_URL and authentication environment variables.

Review the list of available tools. Tools prefixed with platform.core. are built-in. Other tools are custom or connector-provided.

Step 2: List existing agents

node skills/kibana/agent-builder/scripts/agent-builder.js list-agents

This helps avoid name conflicts and shows what is already configured.

Step 3: Gather agent details

Using $ARGUMENTS as the default name, confirm or collect from the user:

  1. Name (required) — The agent's display name. Default: $ARGUMENTS.
  2. Description (optional) — Brief description of what the agent does. Default: same as name.
  3. System instructions (optional) — Custom system prompt for the agent. Default: none.

Step 4: Select tools

Present the available tools from Step 1 and ask the user which ones to include. Suggest a reasonable default based on the agent's purpose. Let the user add or remove tools from the suggested list.

Step 5: Create the agent

node skills/kibana/agent-builder/scripts/agent-builder.js create-agent \
  --name "<agent_name>" \
  --description "<description>" \
  --instructions "<system_instructions>" \
  --tool-ids "<tool_id_1>,<tool_id_2>,<tool_id_3>"

Where:

  • --name is required
  • --tool-ids is a comma-separated list of tool IDs from Step 4
  • --description defaults to the name if omitted
  • --instructions can be omitted if the user did not provide any

Step 6: Verify creation

node skills/kibana/agent-builder/scripts/agent-builder.js list-agents

Show the user the newly created agent entry. If it appears, report success. If not, show any error output from Step 5.

Get an Agent

node skills/kibana/agent-builder/scripts/agent-builder.js get-agent --id "<agent_id>"

Update an Agent

node skills/kibana/agent-builder/scripts/agent-builder.js update-agent \
  --id "<agent_id>" \
  --description "<new_description>" \
  --instructions "<new_instructions>" \
  --tool-ids "<tool_id_1>,<tool_id_2>"

All flags except --id are optional — only provided fields are updated. The agent's id and name are immutable.

API constraint: PUT only accepts description, configuration, and tags. Including id, name, or type causes a 400 error.

Delete an Agent

node skills/kibana/agent-builder/scripts/agent-builder.js delete-agent --id "<agent_id>"

Always confirm with the user before deleting. Deletion is permanent.

Chat with an Agent

node skills/kibana/agent-builder/scripts/agent-builder.js chat \
  --id "<agent_id>" \
  --message "<user_message>"

Uses the streaming endpoint POST /api/agent_builder/converse/async with agent_id and input in the request body. Output shows [Reasoning], [Tool Call], [Tool Result], and [Response] as events arrive. Pass --conversation-id to continue an existing conversation.

Note: This command may take 30-60 seconds as the agent reasons and calls tools. Use a longer timeout (e.g., 120s or 180s) when running via Bash.

Tool Management

Custom tools extend what agents can do beyond the built-in platform tools.

Tool Types

ES|QL Tools

Pre-defined, parameterized ES|QL queries. Use when you need guaranteed query correctness, enforced business rules, analytics aggregations, or fine-grained data access control.

Parameter syntax: Use ?param_name in the query. Define each parameter with type and description only. Valid types: string, integer, float, boolean, date, array.

{
  "id": "campaign_revenue_by_region",
  "type": "esql",
  "description": "Calculates confirmed revenue for a region by quarter.",
  "configuration": {
    "query": "FROM finance-orders-* | WHERE order_status == \"completed\" AND region == ?region | STATS total_revenue = SUM(amount) BY quarter | LIMIT 10",
    "params": {
      "region": {
        "type": "string",
        "description": "Region code, e.g. 'US', 'EU', 'APAC'"
      }
    }
  }
}

Index Search Tools

Scope the built-in search capability to a specific index pattern. The LLM decides how to query; you control which indices are accessible.

{
  "id": "customer_feedback_search",
  "type": "index_search",
  "description": "Searches customer feedback and support tickets.",
  "configuration": {
    "pattern": "customer-feedback-*"
  }
}

Workflow Tools

Connect an agent to an Elastic Workflow — a YAML-defined multi-step automation. Use when the agent needs to take action beyond data retrieval (send notifications, create tickets, call external APIs).

{
  "id": "investigate-alert-workflow",
  "type": "workflow",
  "description": "Triggers automated alert investigation.",
  "configuration": {
    "workflow_id": "security-alert-investigation"
  }
}

Parameters are auto-detected from the workflow's inputs section.

Tool API Constraints

Read these before creating tools — violations cause 400 errors.

  • POST body fields: Only id, type, description, configuration, and tags are accepted. name is not a valid field — omit it entirely.
  • params is always required for ES|QL tools, even when empty — use "params": {}.
  • Param fields: Only type and description are accepted per parameter. default and optional are not valid and cause 400 errors. Hard-code sensible defaults in the query instead.
  • Index search config: Use "pattern", not "index". Using "index" causes a validation error.
  • PUT restrictions: Only description, configuration, and tags are accepted. Including id or type causes a 400 error — these fields are immutable after creation.

Tool Script Commands

List all tools

node skills/kibana/agent-builder/scripts/agent-builder.js list-custom-tools

Get a specific tool

node skills/kibana/agent-builder/scripts/agent-builder.js get-tool --id "<tool_id>"

Create a tool

node skills/kibana/agent-builder/scripts/agent-builder.js create-tool \
  --id "<tool_id>" \
  --type "esql" \
  --description "<description>" \
  --query "<esql_query>" \
  --params '{"region": {"type": "string", "description": "Region code"}}'

For index search tools:

node skills/kibana/agent-builder/scripts/agent-builder.js create-tool \
  --id "<tool_id>" \
  --type "index_search" \
  --description "<description>" \
  --pattern "my-index-*"

For workflow tools:

node skills/kibana/agent-builder/scripts/agent-builder.js create-tool \
  --id "<tool_id>" \
  --type "workflow" \
  --description "<description>" \
  --workflow-id "my-workflow-name"

Update a tool

node skills/kibana/agent-builder/scripts/agent-builder.js update-tool \
  --id "<tool_id>" \
  --description "<new_description>" \
  --query "<new_query>"

Only description, configuration, and tags can be updated. id and type are immutable.

Delete a tool

node skills/kibana/agent-builder/scripts/agent-builder.js delete-tool --id "<tool_id>"

Test a tool

node skills/kibana/agent-builder/scripts/agent-builder.js test-tool \
  --id "<tool_id>" \
  --params '{"region": "US"}'

Executes the tool via POST /api/agent_builder/tools/_execute and displays column names and row counts for ES|QL results.

Examples

Create an agent

User: /kibana-agent-builder sales-helper
  1. List tools — finds platform.core.search, platform.core.list_indices, and a custom esql-sales-data tool
  2. List agents — no conflicts
  3. Name: "sales-helper", Description: "Helps query sales data"
  4. Tools: esql-sales-data, platform.core.search, platform.core.list_indices
  5. Create with --name "sales-helper" --tool-ids "esql-sales-data,platform.core.search,platform.core.list_indices"
  6. Verify — agent appears in list

Update an agent's instructions

User: Update the sales-helper agent to focus on the APAC region
  1. Get agent — get-agent --id "sales-helper" to see current config
  2. Update — update-agent --id "sales-helper" --instructions "Focus on APAC sales data. Use esql-sales-data for queries."
  3. Verify — get-agent --id "sales-helper" to confirm new instructions

Chat with an agent

User: Ask sales-helper what the top revenue products are
  1. Chat — chat --id "sales-helper" --message "What are the top revenue products?"
  2. Display the agent's response

Create an ES|QL tool with parameters

User: Create a tool that shows billing complaints by category for the last N days

  1. Consult the elasticsearch-esql skill for ES|QL syntax

  2. Create tool:

    node skills/kibana/agent-builder/scripts/agent-builder.js create-tool \
  --id "billing_complaint_summary" \
  --type "esql" \
  --description "Returns billing complaints grouped by sub-category for the last N days." \
  --query 
    List & Monetize Your Skill
    Submit your Claude Code skill and start earning
    Get started →

Use Cases

Task Automation & Efficiency

Automate repetitive workflows and reduce manual effort

Example

Generate reports, summarize documents, draft communications

Save 3-5 hours per week on routine tasks

Knowledge Enhancement

Learn new skills, understand complex topics, get expert guidance

Example

Explain concepts, provide examples, suggest learning resources

Accelerate learning and skill development by 2x

Quality Improvement

Enhance output quality through reviews, suggestions, and refinements

Example

Review drafts, suggest improvements, catch errors

Improve work quality by 30-40% with less effort

Implementation Guide

Prerequisites

  • Claude Desktop or compatible AI client with skill support
  • Clear understanding of task or problem to solve
  • Willingness to iterate and refine outputs

Time Estimate

15-45 minutes depending on use case complexity

Steps

  1. 1Install skill using provided installation command
  2. 2Test with simple use case relevant to your work
  3. 3Evaluate output quality and relevance
  4. 4Iterate on prompts to improve results
  5. 5Integrate into regular workflow if valuable

Common Pitfalls

  • Expecting perfect results without iteration
  • Not providing enough context in prompts
  • Using skill for tasks outside its intended scope
  • Accepting outputs without review and validation

Best Practices

✓ Do

  • +Start with clear, specific prompts
  • +Provide relevant context and constraints
  • +Review and refine all outputs before using
  • +Iterate to improve output quality
  • +Document successful prompt patterns

✗ Don't

  • Don't use without understanding skill limitations
  • Don't skip validation of outputs
  • Don't share sensitive information in prompts
  • Don't expect skill to replace human judgment

💡 Pro Tips

  • Be specific about desired format and style
  • Ask for multiple options to choose from
  • Request explanations to understand reasoning
  • Combine AI efficiency with human expertise

When to Use This

✓ Use when

Use when skill capabilities match your task, clear ROI on time saved, and you can validate outputs. Best for repetitive tasks, learning, and quality improvement.

✗ Avoid when

Avoid when task requires deep expertise you can't validate, involves sensitive decisions, or when learning process is more valuable than speed of completion.

Learning Path

  1. 1Familiarize yourself with skill capabilities and limitations
  2. 2Start with low-risk, non-critical tasks
  3. 3Progress to more complex and valuable use cases
  4. 4Build expertise through regular use and experimentation

Related Skills

agent-browser

29

vercel-labs/agent-browser

Productivitytag: agent

frontend-design

457

anthropics/claude-code

Frontendsame category

premium-frontend-ui

178

github/awesome-copilot

Frontendsame category

ui-animation

175

mblode/agent-skills

Frontendsame category

high-end-visual-design

141

leonxlnx/taste-skill

Frontendsame category

antigravity-design-expert

88

sickn33/antigravity-awesome-skills

Frontendsame category

Reviews

4.664 reviews
  • T
    Tariq WhiteDec 24, 2024

    Registry listing for kibana-agent-builder matched our evaluation — installs cleanly and behaves as described in the markdown.

  • C
    Camila MartinDec 8, 2024

    kibana-agent-builder has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • O
    OshnikdeepDec 4, 2024

    Solid pick for teams standardizing on skills: kibana-agent-builder is focused, and the summary matches what you get after install.

  • I
    Isabella BansalDec 4, 2024

    Keeps context tight: kibana-agent-builder is the kind of skill you can hand to a new teammate without a long onboarding doc.

  • K
    Kaira ChawlaNov 23, 2024

    We added kibana-agent-builder from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.

  • I
    Isabella BhatiaNov 15, 2024

    Useful defaults in kibana-agent-builder — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • K
    Kaira MalhotraOct 14, 2024

    kibana-agent-builder fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

  • A
    Alexander JainOct 6, 2024

    I recommend kibana-agent-builder for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • T
    Tariq RobinsonSep 25, 2024

    Solid pick for teams standardizing on skills: kibana-agent-builder is focused, and the summary matches what you get after install.

  • H
    Hassan MehtaSep 25, 2024

    We added kibana-agent-builder from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.

showing 1-10 of 64

1 / 7

Discussion

Comments — not star reviews
  • No comments yet — start the thread.