repomedic
Safely triage and remediate GitHub dependency hygiene issues with explicit guardrails. Use when Dependabot PRs fail, pnpm lockfiles break, transitive vulnerabilities appear (e.g., glob/lodash/brace-expansion), or CI/Vercel fails due to dependency resolution. Prioritize low-risk fixes, branch+PR workflow, and plain-English explanations.
Why use this skill?
RepoMedic is a safe OpenClaw skill for managing dependency hygiene, fixing transitive vulnerabilities, repairing lockfiles, and resolving CI build failures.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/mrummler17/repomedicWhat This Skill Does
RepoMedic is a specialized dependency hygiene agent designed to maintain the integrity of software projects by safely managing, patching, and auditing package manifests and lockfiles. Unlike automated tools that may blindly push breaking updates, RepoMedic follows a strictly conservative, human-in-the-loop philosophy. It specializes in resolving complex dependency hell, such as transitive vulnerability escalations (e.g., CVEs in glob or lodash), lockfile corruption, and CI/Vercel build failures caused by conflicting version resolution. By utilizing a branch-based PR workflow and requiring explicit approval for any non-trivial modification, it ensures that your repository remains secure and deployable without introducing regressions or side effects.
Installation
Install Command: clawhub install openclaw/skills/skills/mrummler17/repomedic Source Repo: openclaw/skills Author: mrummler17
Use Cases
- Transitive Vulnerability Remediation: Automatically identify and patch nested vulnerabilities using targeted pnpm overrides without forcing an entire tree upgrade.
- Lockfile Repair: Resolve drift or corruption in
pnpm-lock.yamlwhen automated CI checks or dependency installs fail due to environment mismatches. - Dependabot Rescue: When an automated Dependabot PR causes build failures in Vercel or local test suites, RepoMedic steps in to manually reconcile the version constraints.
- CI/CD Hygiene: Address recurring build failures tied to environment or config mismatches by isolating dependency-related issues from application logic errors.
Example Prompts
- "RepoMedic, our Vercel build is failing with a resolution error in the dependency tree. Can you analyze the lockfile and suggest a fix using overrides?"
- "We have a critical vulnerability in the 'glob' package, but we can't upgrade the major version yet. Please propose a safe override to patch this."
- "Our CI keeps failing on dependency installation. Triage the pnpm-lock.yaml file and help us get back to a stable, passing build state."
Tips & Limitations
RepoMedic prioritizes safety over speed. Always review the 'Risk Labels' provided in its output—Low, Medium, or High—before proceeding with any changes. The skill is designed for dependency resolution only; it is explicitly not for refactoring, feature work, or major architecture migration. If you encounter a 'High' risk label, treat the suggested changes as a starting point for discussion rather than a direct execution plan. Always ensure your environment variables are set correctly, as RepoMedic cannot resolve failures caused by missing secrets or configuration files.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-mrummler17-repomedic": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-write, file-read, code-execution