bankrbot/aeon-skill-repair
aeon-skill-repair/SKILL.md
Auto-diagnose and fix a failing or degraded installed skill. Reads the SKILL.md plus recent error output, classifies the failure (api-change / rate-limit / timeout / sandbox-limitation / prompt-bug / output-format / missing-secret / config), applies the smallest fix that addresses the root cause, and attaches a verification recipe. Minimum-edit principle, never auto-applies high-risk changes. Triggers: "fix this skill", "skill X is broken", "diagnose this failure", "the output of X looks wrong".
$ install --global
skillsauthnpx skillsauth add bankrbot/openclaw-skills aeon-skill-repairInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 13, 2026, 3:50 AM137.6s1 file scanned
SKILL.md
- name:
- aeon-skill-repair
- description:
- |
- Triggers:
- fix this skill", "skill X is broken", "diagnose this failure", "the output of X
aeon-skill-repair
Targeted repair for one failing skill. Build a diagnostic dossier, classify the failure, apply the matching playbook, attach a verification recipe.
Inputs
| Param | Description |
|---|---|
| target | Skill name or SKILL.md path. Required. |
| error_output | Recent failed output (paste from run log). Required if not auto-detectable. |
| mode | repair (default) or dry-run (diagnose only). |
Diagnosis sources
- The skill file (frontmatter, declared sources, env-var references).
- Error output signature (HTTP codes, common API errors, rate-limit hits, refusal markers).
- Source liveness — WebFetch on referenced URLs to detect 404s, redirects, schema changes.
- Frontmatter integrity (valid YAML).
Failure categories and fix scope
| Category | Detection | Fix scope |
|---|---|---|
| api-change | 404/410, schema mismatch | Update endpoints/payload/headers per live spec. Cite the spec URL. |
| rate-limit | 429, "too many requests" | Add backoff or fallback endpoint. Never raise the limit. |
| timeout | Killed mid-run, partial output | Stage the work, add early-return on partial success. |
| sandbox-limitation | Auth-bearing curl fails | Convert to prefetch / postprocess pattern. |
| prompt-bug | Hallucination, refusal, missing required section | Minimum-edit specificity insertion. < 30 lines diff. |
| output-format | Output passes execution but fails downstream parser | Edit until next run satisfies the failing assertion. |
| missing-secret | "API key missing", env var unset | No code change. Name the missing var for the operator. Exit REPAIR_DIAGNOSED_NO_FIX. |
| config | Bad input config (watchlist, list file) | Fix obvious shape errors. Never invent entries. |
| unknown | None of the above | Don't edit blindly. Append dossier to repair-notes, exit REPAIR_DIAGNOSED_NO_FIX. |
Risk classes
- LOW — fallback added, comment-only, < 30 lines. Auto-applied.
- MED — data source change, output format edit. Auto-applied with verification recipe.
- HIGH — touches behavior fundamentally, changes defaults. Operator review required, not auto-applied.
Verification recipe (every repair)
1. Re-run the skill: <one-line invocation>
2. Expected: <category-specific signal — "no rate-limit in trace" / "≥ 200 words" / "matches pattern X">
3. If still failing: <fallback path>
Cooldown
24h cooldown per skill — prevents repair loops on fixes that didn't stick. State in local repair-history.json.
Rules
- One target per run. Never bundle unrelated repairs.
- Minimum-edit principle. Small diffs.
- Never modify env-var configuration. Missing secrets are flagged for the operator.
- Inside a git repo: branch + diff, never directly to main.
Related Skills
bankrbot/hunch
data-ai
VerifiedTrustedCommunity
Discover, bet on, track, and settle Hunch prediction markets in natural language. Trigger when a user wants to bet, take a position, or get odds on a crypto outcome — token market-cap milestones and flips, launchpad races (Bankr vs pump.fun volume / #1-days / launches over a cap), token head-to-head outperformance, mcap strike-ladders, and up/down price rounds. Also trigger on "what can I bet on about $TOKEN", "odds on …", "take YES/NO on …", "show my Hunch bets", "did my market resolve". Settles in USDC on Base via x402 (≤ $10 / bet); every bet returns an on-chain proof.
1,145SKILL.mdUpdated Jun 6, 2026
bankrbot/1claw
tools
VerifiedTrustedCommunity
HSM-backed secret management for AI agents. Store API keys (including Bankr `bk_` keys), passwords, and credentials in an encrypted vault; retrieve them at runtime via MCP without keeping secrets in chat context. Bankr Dynamic Key Vending issues short-lived scoped `bk_usr_` keys from a partner key (`bk_ptr_`) without manual rotation. Policy-based access control, secret rotation, sharing, EVM transaction intents (sign/simulate/broadcast), multi-chain signing keys, treasury multisig proposals, OIDC federation for external service auth, built-in prompt injection detection, and optional Shroud TEE LLM proxy. Use when the agent needs secure credential storage, just-in-time secret access, guarded on-chain signing, or security scanning — not for Bankr trading prompts, portfolio checks, or x402 calls (use the bankr skill instead).
1,145SKILL.mdUpdated Jun 5, 2026
bankrbot/signa
development
VerifiedTrustedCommunity
Give your Bankr agent its own brain and a wallet-signed line to every other agent — on any framework, with no API key. SIGNA is the keyless agent layer on Base: resolve any identity to a messageable wallet, send and read wallet-signed DMs, invoke capabilities on the network, and run a brain that reasons on decentralized inference and acts through those capabilities. The Bankr wallet is the only credential. Triggers: "message that agent", "DM this wallet/handle", "reach the agent behind @x", "what is the base market", "resolve @handle to a wallet", "ask the network", "let my agent think and report".
1,144SKILL.mdUpdated Jun 10, 2026
bankrbot/bankr
development
VerifiedTrustedCommunity
AI-powered crypto trading agent, wallet API, and LLM gateway via natural language. Use when the user wants to trade crypto, check portfolio balances (with PnL and NFTs), view token prices, search tokens, transfer crypto, manage NFTs, use leverage (Hyperliquid or Avantis), bet on Polymarket, deploy tokens, set up automated trading, sign and submit raw transactions, call or deploy x402 paid API endpoints, browse the web, or access LLM models through the Bankr LLM gateway funded by your Bankr wallet. Supports Base, Ethereum, Polygon, Solana, Unichain, World Chain, Arbitrum, and BNB Chain.
1,144SKILL.mdUpdated Apr 20, 2026