bankrbot/aeon-vuln-scanner
aeon-vuln-scanner/SKILL.md
Audit trending repos for real exploitable vulnerabilities and disclose responsibly — Private Vulnerability Reporting for code flaws and verified secrets, public PRs only for already-disclosed dependency CVEs. Semgrep + TruffleHog + osv-scanner + Slither with reachability triage. Skips targets that have no safe disclosure channel. Triggers: "vuln scan owner/repo", "audit this repo", "responsible-disclosure scan", "check for secret leaks", "scan dependencies for CVEs".
$ install --global
skillsauthnpx skillsauth add bankrbot/skills aeon-vuln-scannerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 13, 2026, 3:52 AM218.7s1 file scanned
SKILL.md
- name:
- aeon-vuln-scanner
- description:
- |
- Triggers:
- vuln scan owner/repo", "audit this repo", "responsible-disclosure scan",
aeon-vuln-scanner
A scanner that dumps zero-days into public PRs isn't a helper — it's a publisher. This skill triages every finding by reading the code and routes to the right disclosure channel.
Inputs
| Param | Description |
|---|---|
| var | Optional owner/repo. If empty, auto-picks from chained github-trending output or fresh trending API. |
Target selection
- Language: JS/TS, Python, Go, Rust, or Solidity.
- ≥ 50 stars, not a fork, active in last 6 months.
- Handles untrusted input (auth, crypto, network, file I/O, templating).
- Skip: intentionally vulnerable teaching repos (juice-shop, webgoat, *-ctf).
- Skip if no PVR enabled AND no
SECURITY.md— no safe channel. - Skip if scanned in last 30 days (dedup via
vuln-scanned.json).
Scanners
# Static analysis
semgrep --config=p/security-audit --config=p/owasp-top-ten --config=p/secrets \
--severity=ERROR --severity=WARNING --json --timeout=300 \
--exclude=test --exclude=examples --exclude=node_modules .
# Verified secrets (filesystem + git history)
trufflehog filesystem . --only-verified --json
trufflehog git file://. --only-verified --json
# Dependency CVEs across npm/pip/go/cargo/etc
osv-scanner --format=json --recursive .
# Solidity (if .sol files present)
slither . --json out.json --exclude-informational --exclude-low
All-scanners-failed reports error, never clean.
Triage (per candidate)
- Open the file at the reported line. Read 30-50 lines of context.
- Write one sentence: what attacker controls, what they achieve. Can't? Discard.
- Check the call path — reachable from external input in production code?
- Drop if in tests, fixtures, examples, behind a feature flag, or requires attacker privs ≥ what's gained.
Disclosure routing
| Finding | Channel | |---|---| | Dependency CVE | Public PR bumping the dep — CVE already public. | | Code vulnerability | PVR — publishing creates a zero-day. | | Verified leaked secret | PVR + rotation request. | | Smart-contract bug | PVR — on-chain exploitation often immediate. | | No PVR + no SECURITY.md | Skip and log. Do no harm. |
# PVR (private advisory)
gh api -X POST "/repos/$REPO/security-advisories" \
-f summary="..." -f severity="..." -F cwe_ids='["CWE-89"]' -f description="..."
Proposed patches for code flaws go to your fork only (private/fix-<slug> branch). Never open a public PR for an unpatched code flaw — link the SHA in the advisory body so the maintainer can cherry-pick.
Required scopes
GH_TOKEN with repo + repository_advisories:write (for PVR).
Rules
- Do no harm. No safe channel → no publication.
- Read the code. A scanner hit alone isn't a vulnerability.
- One report per repo per run; bundle related findings.
- Skip intentionally vulnerable repos and CTFs.
- Be deferential — you're offering help, not grading homework.
Related Skills
bankrbot/1claw
tools
VerifiedTrustedCommunity
HSM-backed secret management for AI agents. Store API keys (including Bankr `bk_` keys), passwords, and credentials in an encrypted vault; retrieve them at runtime via MCP without keeping secrets in chat context. Policy-based access control, secret rotation, sharing, EVM transaction intents (sign/simulate/broadcast), multi-chain signing keys, treasury multisig proposals, OIDC federation for external service auth, built-in prompt injection detection, and optional Shroud TEE LLM proxy. Use when the agent needs secure credential storage, just-in-time secret access, guarded on-chain signing, or security scanning — not for Bankr trading prompts, portfolio checks, or x402 calls (use the bankr skill instead).
1,144SKILL.mdUpdated Jun 5, 2026
bankrbot/gem-miner
testing
VerifiedTrustedCommunity
Stake $GEM tokens on Gem Miner (gemminer.app) to earn yield and unlock the in-game earn/cashout system. Use when the user wants to stake GEM, check their staking balance or rewards, unstake, claim rewards, or check whether they meet the 25M GEM gate. Base mainnet only.
1,143SKILL.mdUpdated Jun 1, 2026
bankrbot/codegrid
development
VerifiedTrustedCommunity
CodeGrid is a native macOS canvas where multiple coding agents (Claude, Codex, Gemini, Cursor, Grok, shells) run side by side in panes and collaborate via a local agent bus — no tmux, no cloud, no account, no stored API keys. Install this skill when an agent should know how to operate inside a CodeGrid pane, drive the workspace from outside (control socket or codegrid:// deep links), spawn or message sibling agents, or coordinate multi-agent work (delegate, review, pipeline, parallel fan-out, monitor, debate). The differentiator: multiple coding agents collaborating on one canvas, addressable by stable session_id, with a read → message → read protocol built for orchestration.
1,143SKILL.mdUpdated Jun 1, 2026
bankrbot/agent-wormhole
tools
VerifiedTrustedCommunity
Use Agent Wormhole for one-time sealed handoffs between autonomous agents, including encrypted mission briefs, scoped secrets, temporary artifacts, receipts, config drops, CLI/API usage, ECHO holder access, and Bankr x402 paid opens.
1,143SKILL.mdUpdated Jun 1, 2026