// Structured triage for inbound PRs that introduce or modify SKILL.md files — security scan per skill, required-secrets enumeration, cron slot-conflict check, basic quality signals, posted as one PR comment. The receipt that turns a 10-minute manual skill-PR review into a 10-second human decision
Weekly enriched export of skill-packs.json — joins the canonical community registry to live GitHub signals (stars, last-push, live manifest skill count) and writes a machine-readable skill-packs-catalog.json that external tools (e.g. Sparkleware) can consume without screen-scraping
Daily deep-dive recap of all pushes — reads diffs, explains what changed and why
Weekly fleet skill-adoption leaderboard — per-slug count of how many POWER+ACTIVE forks have each upstream skill enabled, top-15 most-adopted and bottom-15 least-adopted by fleet penetration, silent when nothing moves
Weekly narrative of everything shipped — features, fixes, and momentum, written as a compelling update
Weekly liveness check of the projects listed in ECOSYSTEM.md — stars/forks/last-commit recency + new releases for any project that can be matched to a GitHub repo
Search X/Twitter for tweets about a token, keyword, username, or topic
| name | pr-skill-triage |
| description | Structured triage for inbound PRs that introduce or modify SKILL.md files — security scan per skill, required-secrets enumeration, cron slot-conflict check, basic quality signals, posted as one PR comment. The receipt that turns a 10-minute manual skill-PR review into a 10-second human decision |
| var | |
| tags | ["dev","community"] |
${var} — PR number on
aaronjmars/aeon-agent(required, integer). Empty${var}→PR_SKILL_TRIAGE_BAD_VAR, no writes, no notify. Useworkflow_dispatchonly.
Today is ${today}. Backport of upstream aeon PR #259 (pr-skill-triage, merged 2026-05-28). The 16th consecutive same-day-after backport: pr-skill-triage May-28→29. Inbound skill PRs are now the dominant external contribution shape across the fleet — this skill is the receipt that turns a 10-minute manual review into a 10-second human merge decision by fanning the existing skills/skill-security-scan/scan.sh out across every SKILL.md in the PR diff and producing one structured comment covering security + required secrets + cron conflicts + quality signals for the whole pack at once.
It is complementary to pr-triage (which welcomes every external PR with a generic first-touch comment) and skill-security-scan (which provides the per-file scanner). This skill is the skill-PR-specific triage that fans out across every SKILL.md in the PR diff, runs the scanner against each, and produces one structured comment covering security + required secrets + cron conflicts + quality signals for the whole pack at once.
Backport adaptations from upstream aeon PR #259:
aaronjmars/aeon repo references rewritten to aaronjmars/aeon-agent — gh api repos/aaronjmars/aeon-agent/... and gh pr comment ... -R aaronjmars/aeon-agent. The skill is scoped to its host repo's incoming PRs../notify invocation style already single-positional-arg in aeon-agent (matches upstream), no adaptation needed.skills/skill-security-scan/scan.sh is the same scanner shape on aeon-agent (the May-18 PR #186 Bash 3.2 + May-20 PR #197 POSIX-ERE hardening is intact); no fork-local divergence to work around.yq fallback path (the grep -E cron parse on aeon.yml) is preserved as-is — aeon-agent runners have the same yq availability profile as upstream.Read memory/MEMORY.md for context.
Read the last 8 days of memory/logs/ for prior-run context (skip if dispatched).
Read soul/SOUL.md + soul/STYLE.md if populated to match voice in the notification.
pr-triagepr-triage welcomes every external PR with a generic first-touch comment driven by a verdict rubric over title/body/diff. It does not open SKILL.md files, run the security scanner, or check cron-slot collisions — those steps are skill-pack-specific. A unified skill would either bloat pr-triage with conditional pack logic on every run (most PRs have no SKILL.md change), or skip the scanner on PRs that genuinely need it. Keeping pr-skill-triage separate lets the operator dispatch it precisely when an inbound skill PR lands, so the scanner output, secret enumeration, and slot-conflict table all surface in one structured comment without polluting general-purpose triage runs.
| Source | Purpose | Auth |
|---|---|---|
gh api repos/aaronjmars/aeon-agent/pulls/${PR_NUMBER} | PR metadata — author, created_at, head SHA, mergeable state | GH_TOKEN |
gh api repos/aaronjmars/aeon-agent/pulls/${PR_NUMBER}/files | List of changed file paths (with status per file: added / modified / removed) | GH_TOKEN |
gh api repos/aaronjmars/aeon-agent/contents/{path}?ref={head_sha} | Each changed SKILL.md body for security scan + frontmatter parsing | GH_TOKEN |
aeon.yml (local) | Existing cron schedules for slot-conflict check | Local file |
skills/skill-security-scan/scan.sh (local) | Scanner — reused verbatim (no fork, no shadow copy) | Local script |
No new secrets. GitHub access uses the gh CLI (GH_TOKEN) per CLAUDE.md.
Writes:
gh pr comment ${PR_NUMBER} (the actual deliverable — this is where the triage receipt lives)memory/topics/pr-skill-triage-state.json — {"${PR_NUMBER}": {"head_sha": "abc1234", "commented_at": "<ISO8601>", "verdict": "OK|WARN|BLOCK"}} so re-dispatch on the same head SHA is a no-opmemory/logs/${today}.md — one log block per run./notify — only when a HIGH security finding fires (BLOCK) or a hard cron conflict is detected (everything else is just the PR comment + log)mkdir -p memory/topics
[ -f memory/topics/pr-skill-triage-state.json ] || echo '{}' > memory/topics/pr-skill-triage-state.json
jq empty memory/topics/pr-skill-triage-state.json 2>/dev/null || { mv memory/topics/pr-skill-triage-state.json memory/topics/pr-skill-triage-state.json.bak; echo '{}' > memory/topics/pr-skill-triage-state.json; STATE_WAS_CORRUPT=true; }
On corrupt state, recreate fresh and proceed — there is no historical re-comment dedup loss because the worst-case is a duplicate triage comment on a PR that already had one, which is recoverable (operator deletes one). The skill does not terminate silently on corrupt state — re-triaging the PR is the safer outcome than skipping it.
${var} empty → log PR_SKILL_TRIAGE_BAD_VAR: empty PR_NUMBER, exit (no writes, no notify).${var} not a positive integer (^[1-9][0-9]*$) → log PR_SKILL_TRIAGE_BAD_VAR: ${var} not a PR number, exit.PR_NUMBER=${var}.PR_META=$(gh api "repos/aaronjmars/aeon-agent/pulls/${PR_NUMBER}" 2>/dev/null) || PR_META=""
[ -z "$PR_META" ] && { echo "PR_SKILL_TRIAGE_PR_NOT_FOUND: ${PR_NUMBER}"; exit 1; }
HEAD_SHA=$(echo "$PR_META" | jq -r '.head.sha')
AUTHOR=$(echo "$PR_META" | jq -r '.user.login')
PR_TITLE=$(echo "$PR_META" | jq -r '.title')
PR_STATE=$(echo "$PR_META" | jq -r '.state')
PR_DRAFT=$(echo "$PR_META" | jq -r '.draft')
PR_SKILL_TRIAGE_PR_NOT_FOUND, exit non-zero (no PR comment to post on — the PR does not exist).state == "closed" AND not merged → terminal status PR_SKILL_TRIAGE_PR_CLOSED, no comment, no notify (operator dispatched this skill on a closed PR; the receipt is no longer useful).state == "closed" AND merged == true → continue (operator may want a post-merge audit receipt; the comment lands on the merged PR and is still useful for the changelog).PRIOR_SHA=$(jq -r --arg n "${PR_NUMBER}" '.[$n].head_sha // empty' memory/topics/pr-skill-triage-state.json)
if [ -n "$PRIOR_SHA" ] && [ "$PRIOR_SHA" = "$HEAD_SHA" ]; then
echo "PR_SKILL_TRIAGE_DEDUP: PR #${PR_NUMBER} head SHA unchanged since last triage"
exit 0
fi
If the PR's head SHA is unchanged since the last triage, exit silently (PR_SKILL_TRIAGE_DEDUP). The author hasn't pushed new commits — re-triaging would post a duplicate comment without new information. Operator can force a re-triage by editing memory/topics/pr-skill-triage-state.json to drop the entry.
gh api "repos/aaronjmars/aeon-agent/pulls/${PR_NUMBER}/files" --paginate \
--jq '.[] | select(.filename | endswith("/SKILL.md") or . == "SKILL.md") | {path: .filename, status: .status, additions: .additions, deletions: .deletions}' \
> /tmp/pr-skill-files.json
Filter: */SKILL.md or top-level SKILL.md. Exclude removed status — a SKILL.md being deleted by the PR is a different review concern (dropped skill), not a triage concern (no live file to scan).
If the resulting set is empty → terminal status PR_SKILL_TRIAGE_NO_SKILLS. Post a brief "no SKILL.md changes detected — this PR does not introduce or modify any skill; dispatch was likely a misroute" comment, advance state with verdict: "NO_SKILLS", and exit. No notify (this is an operator dispatch error, not a finding).
For each path:
gh api "repos/aaronjmars/aeon-agent/contents/${PATH}?ref=${HEAD_SHA}" \
--jq '.content' 2>/dev/null | base64 -d > "/tmp/pr-skill-${SLUG}.md"
Where ${SLUG} is the basename of the path's parent directory (or root for top-level SKILL.md).
download_failed and continue; surface it in the comment with ⚠ could not fetch rather than aborting the whole triage. One unreadable file shouldn't kill the receipt for the rest.Run the existing scanner verbatim — never fork or shadow-copy its patterns:
for f in /tmp/pr-skill-*.md; do
./skills/skill-security-scan/scan.sh "$f" --json > "/tmp/scan-${f##*-}.json" || true
done
The scanner's exit code is 0 (PASS, no HIGH), 1 (FAIL, HIGH findings present), or 2 (usage error — should not fire here). Parse the JSON output for severity counts and a findings[] list per file.
Capture per-file:
severity_max ∈ {PASS, WARN, BLOCK} — BLOCK = ≥1 HIGH, WARN = ≥1 MEDIUM, PASS = neither.high_findings — first 3 HIGH findings (line + pattern), truncated for the comment body.medium_count, low_count for summary.For each downloaded SKILL.md, parse the YAML frontmatter (lines between the first two --- delimiters):
name — required.description — required, ≥40 characters (anything shorter is a placeholder).tags — required, non-empty list.schedule — optional; if present, capture for slot-conflict check.var — optional; default empty.Body checks:
step_count ≥ 3 numbered or ###-headed steps (a skill with 1–2 steps is likely a stub)../notify invocation present somewhere in the body (every operator-facing skill needs a notify path; absence is a smell, not a block).Secret enumeration: grep for \$[A-Z][A-Z0-9_]{3,} patterns in the body and discard known-safe ones (GITHUB_TOKEN, GH_TOKEN, today, var, PR_NUMBER, HEAD_SHA, anything matching ${...} template substitution from this skill's own boilerplate). What remains is the list of secrets the operator must provision before enabling the skill. Mark them in the comment.
Build the existing cron set from aeon.yml:
yq -r '.skills | to_entries[] | select(.value.schedule) | "\(.key) \(.value.schedule)"' aeon.yml 2>/dev/null \
| grep -v 'workflow_dispatch' > /tmp/cron-set.txt
If yq is unavailable, fall back to grep -E "schedule: \"[0-9]" on aeon.yml and parse the cron field with a Bash regex. (Never abort the whole triage on a missing yq — the slot-conflict check is one section of the comment, not the whole receipt.)
For each proposed schedule in the PR's SKILL.md files:
workflow_dispatch cadence → flag as CONFLICT (two skills cron'd at the same minute on the same UTC slot can interleave noisily on shared runners).ADJACENT (worth a heads-up; not a block).OK.workflow_dispatch schedules are always OK (no slot to collide with).
Format the comment as a single markdown block:
## Skill PR Triage — ${today}
Triage of `${N}` SKILL.md file(s) in PR #${PR_NUMBER} by `@${AUTHOR}` at head `${HEAD_SHA[0:7]}`.
### Verdict: **{OK | WARN | BLOCK}**
| Skill | Security | Schedule | Slot check | Quality |
|-------|----------|----------|------------|---------|
| `skills/foo/SKILL.md` | PASS · 0/0/2 | `0 14 * * *` | OK | desc ✓ · 5 steps ✓ · notify ✓ · tags ✓ |
| `skills/bar/SKILL.md` | BLOCK · 1 HIGH | `workflow_dispatch` | OK | desc ✗ (32 chars) · 3 steps ✓ · notify ✓ · tags ✓ |
### Security findings (per skill, first 3 each)
**`skills/bar/SKILL.md`** — 1 HIGH
- Line 87: `eval $(...)` — HIGH (shell injection, scan pattern `eval\\(`)
(omit this section entirely if no skill has HIGH findings)
### Required secrets
Operators need to provision these env vars before enabling any of these skills:
- `LIQUIDPAD_API_KEY` (referenced by `skills/foo/SKILL.md`)
- `BANKR_API_KEY` (referenced by `skills/foo/SKILL.md`, `skills/bar/SKILL.md`)
(omit if none)
### Cron slot warnings
- `skills/foo/SKILL.md` schedule `0 14 * * *` **CONFLICTS** with existing `article` slot.
- `skills/baz/SKILL.md` schedule `5 9 * * 1` is **ADJACENT** to existing `competitor-launch-radar` (`0 10 * * 1`).
(omit if all `OK`)
### Quality checklist
Per-skill checks: description ≥40 chars, ≥3 steps, `./notify` call present, `tags` non-empty.
✗ = missing/short; ✓ = present.
---
*Generated by `pr-skill-triage`. Re-dispatch on push to refresh.*
Verdict precedence:
CONFLICT.ADJACENT schedule, or a required-secret list. (A required secret is a WARN because the operator must act, not a BLOCK.)Post the comment:
gh pr comment "${PR_NUMBER}" -R aaronjmars/aeon-agent --body "$(cat /tmp/triage-comment.md)"
If the gh pr comment call fails (network, perms), record the comment body to articles/pr-skill-triage-${PR_NUMBER}-${today}.md as a fallback artifact and surface PR_SKILL_TRIAGE_COMMENT_FAILED in the log + notification — the operator can paste the artifact onto the PR manually.
Update memory/topics/pr-skill-triage-state.json to mark this PR_NUMBER + HEAD_SHA as triaged with the chosen verdict.
Append a log block:
## pr-skill-triage
- Status: PR_SKILL_TRIAGE_OK | _WARN | _BLOCK | _NO_SKILLS | _DEDUP | _PR_NOT_FOUND | _PR_CLOSED | _COMMENT_FAILED | _BAD_VAR
- PR: #${PR_NUMBER} (@${AUTHOR}, head ${HEAD_SHA[0:7]})
- Skills: {N} SKILL.md files triaged ({pass}/{warn}/{block})
- Security HIGH findings: {N}
- Required secrets: {N}
- Cron conflicts: {N hard / N adjacent}
- Comment: posted | failed (fallback artifact at articles/pr-skill-triage-${PR_NUMBER}-${today}.md)
End the skill body with a single terminal line mirroring the chosen status.
Notify (gated). Skip entirely on OK, DEDUP, NO_SKILLS, BAD_VAR, PR_NOT_FOUND, PR_CLOSED. Send on BLOCK (HIGH finding or hard conflict — operator should look now) and on COMMENT_FAILED (operator must paste manually). Send a lower-priority ping on WARN only if the verdict is driven by a MEDIUM security finding (a missing description or required-secret list alone isn't worth a Telegram ping — that information is in the comment).
*Skill PR Triage — ${today} — PR #${PR_NUMBER}*
@${AUTHOR}'s {pack name or N skills} — verdict **{BLOCK | WARN}**.
{If BLOCK from security:} {N} HIGH security finding(s) in {file}. Top: {finding}.
{If BLOCK from conflict:} Schedule conflict: {file} `{schedule}` collides with existing `{slug}`.
{If WARN from MEDIUM:} {N} MEDIUM security finding(s) — review before merge.
{If COMMENT_FAILED:} Could not post triage comment to PR — fallback artifact at articles/pr-skill-triage-${PR_NUMBER}-${today}.md.
PR: https://github.com/aaronjmars/aeon-agent/pull/${PR_NUMBER}
| Status | Meaning | Notify? |
|---|---|---|
PR_SKILL_TRIAGE_OK | Comment posted, no HIGH / no hard conflicts | No |
PR_SKILL_TRIAGE_WARN | Comment posted, MEDIUM finding / missing fields / adjacent slot / required secrets | Yes iff MEDIUM security finding present |
PR_SKILL_TRIAGE_BLOCK | Comment posted, ≥1 HIGH finding OR hard cron conflict | Yes |
PR_SKILL_TRIAGE_NO_SKILLS | PR has no SKILL.md changes; brief comment posted | No |
PR_SKILL_TRIAGE_DEDUP | Head SHA unchanged since last triage; no-op | No |
PR_SKILL_TRIAGE_PR_NOT_FOUND | PR #${var} does not exist on aaronjmars/aeon-agent | No |
PR_SKILL_TRIAGE_PR_CLOSED | PR is closed and not merged — receipt is moot | No |
PR_SKILL_TRIAGE_COMMENT_FAILED | Triage ran but gh pr comment errored; fallback artifact written | Yes |
PR_SKILL_TRIAGE_BAD_VAR | ${var} empty or not a PR number | No |
skills/skill-security-scan/scan.sh verbatim. If the scanner false-positives, the fix lives in the scanner repo, not here.workflow_dispatch schedules never conflict. They have no UTC slot to collide with.LIQUIDPAD_API_KEY is actually set in the repo's secret store — that is the operator's job. The comment is a checklist, not an enforcement gate.gh api. The scanner runs against locally downloaded files; no submissions to VirusTotal, no remote pattern dictionaries, no LLM calls outside this skill's host runner.gh api and gh pr comment call is pinned to aaronjmars/aeon-agent. A ${var} containing only a PR number cannot be coerced into commenting on another repository — the host repo is hardcoded into the scan path.Uses gh api for every GitHub call — no curl, no env-var-in-headers. The contents endpoint returns base64 payloads; the --jq '.content' | base64 -d chain runs locally after gh handles auth. Per-PR cost: 1 metadata call + 1 files-list call + 1 contents call per SKILL.md + 1 comment post. At the current inbound rate (skill PRs are intermittent on aeon-agent — the install-protocol on upstream aeon is the primary entry point) this is trivially within budget.
yq is the only non-standard CLI dependency. If absent on the runner, the fallback grep -E parse on aeon.yml handles the slot-conflict section (degraded — exact match only, no day-of-week alignment check); the rest of the receipt is unaffected.
name, description, tags, schedule, var) only — never evaled.aaronjmars/aeon-agent only — gh pr comment invocations are pinned to that repo. A PR number outside that repo's range produces PR_NOT_FOUND; the skill cannot be coerced into commenting on an unrelated repository by var manipulation.Inbound skill PRs land on an irregular cadence on aeon-agent (lower volume than upstream — install-protocol routing tends to land community packs on upstream aaronjmars/aeon first). A timed cron would burn budget polling for nothing on most runs, and a webhook-driven trigger (pull_request event) would conflict with the existing pr-triage first-touch comment. Operator dispatches this skill specifically when a skill PR lands here and they want the structured receipt — the skill's value is in the depth of the receipt, not the latency of arriving.
Backport of upstream aeon PR #259 (pr-skill-triage skill, merged 2026-05-28). Adaptations:
aaronjmars/aeon-agent throughout (gh api paths, gh pr comment invocations, exit-status descriptions, notify message PR URL)../notify call style and skills/skill-security-scan/scan.sh invocation pattern are already aligned with upstream on aeon-agent — no fork-local divergence to work around.