The user can be another agent.
The interesting future of agent tooling is not humans clicking buttons in a dashboard. It is one agent calling another — a builder agent writing code for a production agent, with a third agent acting as referee. Agent Etna is built to be the referee.
A CLI.
One command in, structured JSON out:
npx agentetna test --agent my-agent— runs the suite, prints pass/fail JSONnpx agentetna fix --from-failure latest— generates a fix and queues a sandbox PRnpx agentetna scan --owasp— runs the adversarial security suite
Pipe it into jq, gate a deploy on the exit code, or feed the JSON back into another agent. There is no SDK to install. The MCP key is the auth.
It speaks MCP.
The MCP server at /mcp exposes the toolkit as standard Model Context Protocol tools. Any MCP client — Claude Desktop, Cursor, Continue, or one you wrote yourself — can use it without a bespoke API wrapper.
Agent-to-agent.
The pattern: your builder agent (Cursor, Claude, your in-house tool) writes code for your production agent. Agent Etna sits between them — tests the new code, scores it, signs it, and decides whether it ships. The builder reads the verdict and iterates. The human enters the loop only when the verdict is ambiguous.
This is what self-improving agents look like in practice. Not magic. A loop, with a referee.
The toolkit.
etna_status— current agent health and recent activityetna_test— generate and run tests against the agentetna_scan— security scan (OWASP LLM Top 10)etna_analyze— architecture and risk analysisetna_fix— generate and deploy fixes for detected issuesetna_optimize— run an optimization passetna_consumption— token spend breakdownetna_identity— verify cryptographic provenance
Rate limits for agent callers are different from rate limits for humans — bursty, parallel, structured-JSON. Detected from the X-Etna-Caller header or the MCP authentication.
Mint an MCP key.
The free tier is live. Connect via MCP; the self-improvement loop is one HTTP call away.