shll-skills 6.0.1 → 6.0.2

package/SKILL.md

@@ -1,7 +1,7 @@
 ---
 name: shll-run
 description: Execute DeFi transactions on BSC via SHLL AgentNFA. The AI handles all commands and users only need to chat.
-version: 6.0.1
+version: 6.0.2
 author: SHLL Team
 website: https://shll.run
 twitter: https://twitter.com/shllrun
@@ -68,7 +68,7 @@ On-chain guardrails:
 - Spending limits, cooldowns, whitelist rules, and protocol rules are enforced on-chain.
 - Raw calldata is blocked if the recipient cannot be decoded safely.
 
-## Current Critical Constraints (v6.0.0)
+## Current Critical Constraints (v6.0.2)
 
 1. `init` command is disabled. Do not use it.
 2. Raw calldata remains high risk; rely on strict recipient safety checks.
@@ -146,11 +146,10 @@ Write commands include:
 - `raw`
 - `lend`
 - `redeem`
-- `config`
 - `four_buy`
 - `four_sell`
 
-Read-only commands do not require confirmation.
+Read-only commands (no confirmation needed): `config`, `policies`, `status`, `history`, `portfolio`, `price`, `tokens`, `search`, `balance`, `four_info`.
 
 ## CLI Commands
 
@@ -187,6 +186,7 @@ If `-l/--listing` is omitted, `setup-guide` auto-selects an active listing from
 
 ### Read-only and audit
 
+- `shll-run config -k <tokenId>` (view-only; modify via web console)
 - `shll-run portfolio -k <tokenId>`
 - `shll-run price --token <symbolOrAddress>`
 - `shll-run search --query <text>`

package/dist/{chunk-5GV6AGSA.mjs → chunk-MPUPO5EJ.mjs}

@@ -6,7 +6,7 @@ var MEV_PROTECTED_RPC = "https://bscrpc.pancakeswap.finance";
 var DEFAULT_LISTING_MANAGER = "0x1f9CE85bD0FF75acc3D92eB79f1Eb472f0865071";
 var DEFAULT_LISTING_ID = "0x64083b44e38db02749e6e16bf84ce6c19146cc42a108e53324e11f250b15a0b7";
 var DEFAULT_INDEXER = "https://indexer-mainnet.shll.run";
-var SKILL_VERSION = "6.0.1";
+var SKILL_VERSION = "6.0.2";
 var BINDINGS_UPDATED_AT = "2026-03-06";
 var PANCAKE_V2_ROUTER = "0x10ED43C718714eb63d5aA57B78B54704E256024E";
 var PANCAKE_V3_SMART_ROUTER = "0x13f4EA83D0bd40E75C8222255bc855a974568Dd4";
@@ -170,16 +170,11 @@ var LISTING_MANAGER_ABI = [
   }
 ];
 var SPENDING_LIMIT_ABI = [
-  { type: "function", name: "setLimits", inputs: [{ name: "instanceId", type: "uint256" }, { name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "instanceLimits", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], stateMutability: "view" },
   { type: "function", name: "tokenRestrictionEnabled", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "bool" }], stateMutability: "view" },
-  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" },
-  { type: "function", name: "addToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "removeToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "setTokenRestriction", inputs: [{ name: "instanceId", type: "uint256" }, { name: "enabled", type: "bool" }], outputs: [], stateMutability: "nonpayable" }
+  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" }
 ];
 var COOLDOWN_ABI = [
-  { type: "function", name: "setCooldown", inputs: [{ name: "instanceId", type: "uint256" }, { name: "seconds_", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "cooldownSeconds", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }], stateMutability: "view" }
 ];
 var FOUR_MEME_HELPER_ABI = [
@@ -293,7 +288,7 @@ async function resolveTokenAsync(publicClient, input) {
 }
 
 // src/shared/clients.ts
-import { createPublicClient as createPublicClient2, createWalletClient as createWalletClient2, http as http2 } from "viem";
+import { createPublicClient as createPublicClient2, http as http2 } from "viem";
 import { privateKeyToAccount as privateKeyToAccount2, generatePrivateKey } from "viem/accounts";
 import { bsc as bsc2 } from "viem/chains";
 
@@ -823,14 +818,6 @@ function createClients(rpcUrl) {
   });
   return { account, publicClient, policyClient, rpc: writeRpc };
 }
-function createWallet(rpcUrl) {
-  const privateKey = process.env.RUNNER_PRIVATE_KEY;
-  if (!privateKey) throw new Error("RUNNER_PRIVATE_KEY environment variable is required");
-  const rpc = rpcUrl || DEFAULT_RPC;
-  const account = privateKeyToAccount2(toHex(privateKey));
-  const walletClient = createWalletClient2({ account, chain: bsc2, transport: http2(rpc) });
-  return { account, walletClient };
-}
 function createReadOnlyClient(rpcUrl) {
   const rpc = rpcUrl || process.env.SHLL_RPC || DEFAULT_RPC;
   return createPublicClient2({
@@ -2417,59 +2404,48 @@ async function getHistory(tokenIdRaw, limit) {
     recentPolicyRejections: rejections.length
   };
 }
-async function updateRiskConfig(tokenIdRaw, options) {
-  if (!options.txLimit && !options.dailyLimit && !options.cooldown) {
-    throw new SkillError("INVALID_INPUT", "Must specify at least one policy config option");
-  }
+async function getPolicyConfigGuidance(tokenIdRaw, rpcUrl) {
   const tokenId = parseTokenId(tokenIdRaw);
-  const { publicClient, policyClient, rpc } = createClients(options.rpcUrl);
-  await ensureAccess(tokenId, rpc, publicClient);
-  const { walletClient } = createWallet(rpc);
+  const { publicClient, policyClient } = createClients(rpcUrl);
   const policies = await policyClient.getPolicies(tokenId);
-  const results = [];
-  if (options.txLimit || options.dailyLimit) {
-    const spendingPolicy = policies.find((policy) => policy.policyTypeName === "spending_limit");
-    if (!spendingPolicy) {
-      throw new SkillError("NOT_FOUND", "No SpendingLimitPolicy found");
+  const consoleUrl = agentConsoleUrl(tokenId);
+  const currentConfig = {};
+  const spendingPolicy = policies.find((p) => p.policyTypeName === "spending_limit");
+  if (spendingPolicy) {
+    try {
+      const [maxPerTx, maxPerDay, maxSlippageBps] = await publicClient.readContract({
+        address: spendingPolicy.address,
+        abi: SPENDING_LIMIT_ABI,
+        functionName: "instanceLimits",
+        args: [tokenId]
+      });
+      currentConfig.spendingLimit = {
+        maxPerTx: (Number(maxPerTx) / 1e18).toFixed(4) + " BNB",
+        maxPerDay: (Number(maxPerDay) / 1e18).toFixed(4) + " BNB",
+        slippageBps: maxSlippageBps.toString()
+      };
+    } catch {
     }
-    const current = await publicClient.readContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "instanceLimits",
-      args: [tokenId]
-    });
-    const [curMaxPerTx, curMaxPerDay, curSlippage] = current;
-    const hash = await walletClient.writeContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "setLimits",
-      args: [
-        tokenId,
-        options.txLimit ? parseAmount(options.txLimit, 18) : curMaxPerTx,
-        options.dailyLimit ? parseAmount(options.dailyLimit, 18) : curMaxPerDay,
-        curSlippage
-      ]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`SpendingLimit updated: ${hash}`);
   }
-  if (options.cooldown) {
-    const cooldownPolicy = policies.find((policy) => policy.policyTypeName === "cooldown");
-    if (!cooldownPolicy) {
-      throw new SkillError("NOT_FOUND", "No CooldownPolicy found");
+  const cooldownPolicy = policies.find((p) => p.policyTypeName === "cooldown");
+  if (cooldownPolicy) {
+    try {
+      const cooldown = await publicClient.readContract({
+        address: cooldownPolicy.address,
+        abi: COOLDOWN_ABI,
+        functionName: "cooldownSeconds",
+        args: [tokenId]
+      });
+      currentConfig.cooldown = { seconds: Number(cooldown) };
+    } catch {
     }
-    const hash = await walletClient.writeContract({
-      address: cooldownPolicy.address,
-      abi: COOLDOWN_ABI,
-      functionName: "setCooldown",
-      args: [tokenId, BigInt(options.cooldown)]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`Cooldown updated: ${hash}`);
   }
   return {
-    status: "success",
-    details: results
+    status: "read_only",
+    tokenId: tokenIdRaw,
+    currentConfig,
+    message: "Policy modification via Skills is disabled. Please use the web console to adjust your security settings.",
+    consoleUrl
   };
 }
 function dedupeStrings(values) {
@@ -2507,5 +2483,5 @@ export {
   readTokenRestriction,
   getStatusOverview,
   getHistory,
-  updateRiskConfig
+  getPolicyConfigGuidance
 };

package/dist/index.js

@@ -12,7 +12,7 @@ var MEV_PROTECTED_RPC = "https://bscrpc.pancakeswap.finance";
 var DEFAULT_LISTING_MANAGER = "0x1f9CE85bD0FF75acc3D92eB79f1Eb472f0865071";
 var DEFAULT_LISTING_ID = "0x64083b44e38db02749e6e16bf84ce6c19146cc42a108e53324e11f250b15a0b7";
 var DEFAULT_INDEXER = "https://indexer-mainnet.shll.run";
-var SKILL_VERSION = "6.0.1";
+var SKILL_VERSION = "6.0.2";
 var BINDINGS_UPDATED_AT = "2026-03-06";
 var PANCAKE_V2_ROUTER = "0x10ED43C718714eb63d5aA57B78B54704E256024E";
 var PANCAKE_V3_SMART_ROUTER = "0x13f4EA83D0bd40E75C8222255bc855a974568Dd4";
@@ -176,16 +176,11 @@ var LISTING_MANAGER_ABI = [
   }
 ];
 var SPENDING_LIMIT_ABI = [
-  { type: "function", name: "setLimits", inputs: [{ name: "instanceId", type: "uint256" }, { name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "instanceLimits", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], stateMutability: "view" },
   { type: "function", name: "tokenRestrictionEnabled", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "bool" }], stateMutability: "view" },
-  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" },
-  { type: "function", name: "addToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "removeToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "setTokenRestriction", inputs: [{ name: "instanceId", type: "uint256" }, { name: "enabled", type: "bool" }], outputs: [], stateMutability: "nonpayable" }
+  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" }
 ];
 var COOLDOWN_ABI = [
-  { type: "function", name: "setCooldown", inputs: [{ name: "instanceId", type: "uint256" }, { name: "seconds_", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "cooldownSeconds", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }], stateMutability: "view" }
 ];
 var FOUR_MEME_HELPER_ABI = [
@@ -825,14 +820,6 @@ function createClients(rpcUrl) {
   });
   return { account, publicClient, policyClient, rpc: writeRpc };
 }
-function createWallet(rpcUrl) {
-  const privateKey = process.env.RUNNER_PRIVATE_KEY;
-  if (!privateKey) throw new Error("RUNNER_PRIVATE_KEY environment variable is required");
-  const rpc = rpcUrl || DEFAULT_RPC;
-  const account = (0, import_accounts2.privateKeyToAccount)(toHex(privateKey));
-  const walletClient = (0, import_viem2.createWalletClient)({ account, chain: import_chains2.bsc, transport: (0, import_viem2.http)(rpc) });
-  return { account, walletClient };
-}
 function createReadOnlyClient(rpcUrl) {
   const rpc = rpcUrl || process.env.SHLL_RPC || DEFAULT_RPC;
   return (0, import_viem2.createPublicClient)({
@@ -2360,59 +2347,48 @@ async function getHistory(tokenIdRaw, limit) {
     recentPolicyRejections: rejections.length
   };
 }
-async function updateRiskConfig(tokenIdRaw, options) {
-  if (!options.txLimit && !options.dailyLimit && !options.cooldown) {
-    throw new SkillError("INVALID_INPUT", "Must specify at least one policy config option");
-  }
+async function getPolicyConfigGuidance(tokenIdRaw, rpcUrl) {
   const tokenId = parseTokenId(tokenIdRaw);
-  const { publicClient, policyClient, rpc } = createClients(options.rpcUrl);
-  await ensureAccess(tokenId, rpc, publicClient);
-  const { walletClient } = createWallet(rpc);
+  const { publicClient, policyClient } = createClients(rpcUrl);
   const policies = await policyClient.getPolicies(tokenId);
-  const results = [];
-  if (options.txLimit || options.dailyLimit) {
-    const spendingPolicy = policies.find((policy) => policy.policyTypeName === "spending_limit");
-    if (!spendingPolicy) {
-      throw new SkillError("NOT_FOUND", "No SpendingLimitPolicy found");
+  const consoleUrl = agentConsoleUrl(tokenId);
+  const currentConfig = {};
+  const spendingPolicy = policies.find((p) => p.policyTypeName === "spending_limit");
+  if (spendingPolicy) {
+    try {
+      const [maxPerTx, maxPerDay, maxSlippageBps] = await publicClient.readContract({
+        address: spendingPolicy.address,
+        abi: SPENDING_LIMIT_ABI,
+        functionName: "instanceLimits",
+        args: [tokenId]
+      });
+      currentConfig.spendingLimit = {
+        maxPerTx: (Number(maxPerTx) / 1e18).toFixed(4) + " BNB",
+        maxPerDay: (Number(maxPerDay) / 1e18).toFixed(4) + " BNB",
+        slippageBps: maxSlippageBps.toString()
+      };
+    } catch {
     }
-    const current = await publicClient.readContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "instanceLimits",
-      args: [tokenId]
-    });
-    const [curMaxPerTx, curMaxPerDay, curSlippage] = current;
-    const hash = await walletClient.writeContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "setLimits",
-      args: [
-        tokenId,
-        options.txLimit ? parseAmount(options.txLimit, 18) : curMaxPerTx,
-        options.dailyLimit ? parseAmount(options.dailyLimit, 18) : curMaxPerDay,
-        curSlippage
-      ]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`SpendingLimit updated: ${hash}`);
   }
-  if (options.cooldown) {
-    const cooldownPolicy = policies.find((policy) => policy.policyTypeName === "cooldown");
-    if (!cooldownPolicy) {
-      throw new SkillError("NOT_FOUND", "No CooldownPolicy found");
+  const cooldownPolicy = policies.find((p) => p.policyTypeName === "cooldown");
+  if (cooldownPolicy) {
+    try {
+      const cooldown = await publicClient.readContract({
+        address: cooldownPolicy.address,
+        abi: COOLDOWN_ABI,
+        functionName: "cooldownSeconds",
+        args: [tokenId]
+      });
+      currentConfig.cooldown = { seconds: Number(cooldown) };
+    } catch {
     }
-    const hash = await walletClient.writeContract({
-      address: cooldownPolicy.address,
-      abi: COOLDOWN_ABI,
-      functionName: "setCooldown",
-      args: [tokenId, BigInt(options.cooldown)]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`Cooldown updated: ${hash}`);
   }
   return {
-    status: "success",
-    details: results
+    status: "read_only",
+    tokenId: tokenIdRaw,
+    currentConfig,
+    message: "Policy modification via Skills is disabled. Please use the web console to adjust your security settings.",
+    consoleUrl
   };
 }
 function dedupeStrings(values) {
@@ -2582,15 +2558,10 @@ function registerAgentCommands(program2) {
       process.exit(1);
     }
   });
-  const configCmd = new import_commander5.Command("config").description("Configure agent risk parameters (Requires RENTER status!)").option("--tx-limit <amount>", "Max BNB per tx").option("--daily-limit <amount>", "Max BNB per day").option("--cooldown <seconds>", "Seconds between tx");
+  const configCmd = new import_commander5.Command("config").description("View current risk parameters (modify via web console)");
   addSharedOptions(configCmd).action(async (opts) => {
     try {
-      output(await updateRiskConfig(opts.tokenId, {
-        txLimit: opts.txLimit,
-        dailyLimit: opts.dailyLimit,
-        cooldown: opts.cooldown,
-        rpcUrl: opts.rpc
-      }));
+      output(await getPolicyConfigGuidance(opts.tokenId, opts.rpc));
     } catch (error) {
       outputError(error);
       process.exit(1);

package/dist/index.mjs

@@ -11,6 +11,7 @@ import {
   getBalance,
   getFourMemeInfo,
   getHistory,
+  getPolicyConfigGuidance,
   getPolicySummary,
   getPortfolio,
   getPrice,
@@ -25,9 +26,8 @@ import {
   toErrorPayload,
   transferFromVault,
   unwrapWbnb,
-  updateRiskConfig,
   wrapBnb
-} from "./chunk-5GV6AGSA.mjs";
+} from "./chunk-MPUPO5EJ.mjs";
 
 // src/index.ts
 import { Command as Command9 } from "commander";
@@ -226,15 +226,10 @@ function registerAgentCommands(program2) {
       process.exit(1);
     }
   });
-  const configCmd = new Command5("config").description("Configure agent risk parameters (Requires RENTER status!)").option("--tx-limit <amount>", "Max BNB per tx").option("--daily-limit <amount>", "Max BNB per day").option("--cooldown <seconds>", "Seconds between tx");
+  const configCmd = new Command5("config").description("View current risk parameters (modify via web console)");
   addSharedOptions(configCmd).action(async (opts) => {
     try {
-      output(await updateRiskConfig(opts.tokenId, {
-        txLimit: opts.txLimit,
-        dailyLimit: opts.dailyLimit,
-        cooldown: opts.cooldown,
-        rpcUrl: opts.rpc
-      }));
+      output(await getPolicyConfigGuidance(opts.tokenId, opts.rpc));
     } catch (error) {
       outputError(error);
       process.exit(1);

package/dist/mcp.js

@@ -12,7 +12,7 @@ var MEV_PROTECTED_RPC = "https://bscrpc.pancakeswap.finance";
 var DEFAULT_LISTING_MANAGER = "0x1f9CE85bD0FF75acc3D92eB79f1Eb472f0865071";
 var DEFAULT_LISTING_ID = "0x64083b44e38db02749e6e16bf84ce6c19146cc42a108e53324e11f250b15a0b7";
 var DEFAULT_INDEXER = "https://indexer-mainnet.shll.run";
-var SKILL_VERSION = "6.0.1";
+var SKILL_VERSION = "6.0.2";
 var PANCAKE_V2_ROUTER = "0x10ED43C718714eb63d5aA57B78B54704E256024E";
 var PANCAKE_V3_SMART_ROUTER = "0x13f4EA83D0bd40E75C8222255bc855a974568Dd4";
 var V3_QUOTER = "0xB048Bbc1Ee6b733FFfCFb9e9CeF7375518e25997";
@@ -175,16 +175,11 @@ var LISTING_MANAGER_ABI = [
   }
 ];
 var SPENDING_LIMIT_ABI = [
-  { type: "function", name: "setLimits", inputs: [{ name: "instanceId", type: "uint256" }, { name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "instanceLimits", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "maxPerTx", type: "uint256" }, { name: "maxPerDay", type: "uint256" }, { name: "maxSlippageBps", type: "uint256" }], stateMutability: "view" },
   { type: "function", name: "tokenRestrictionEnabled", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "bool" }], stateMutability: "view" },
-  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" },
-  { type: "function", name: "addToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "removeToken", inputs: [{ name: "instanceId", type: "uint256" }, { name: "token", type: "address" }], outputs: [], stateMutability: "nonpayable" },
-  { type: "function", name: "setTokenRestriction", inputs: [{ name: "instanceId", type: "uint256" }, { name: "enabled", type: "bool" }], outputs: [], stateMutability: "nonpayable" }
+  { type: "function", name: "getTokenList", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "address[]" }], stateMutability: "view" }
 ];
 var COOLDOWN_ABI = [
-  { type: "function", name: "setCooldown", inputs: [{ name: "instanceId", type: "uint256" }, { name: "seconds_", type: "uint256" }], outputs: [], stateMutability: "nonpayable" },
   { type: "function", name: "cooldownSeconds", inputs: [{ name: "instanceId", type: "uint256" }], outputs: [{ name: "", type: "uint256" }], stateMutability: "view" }
 ];
 var FOUR_MEME_HELPER_ABI = [
@@ -824,14 +819,6 @@ function createClients(rpcUrl) {
   });
   return { account, publicClient, policyClient, rpc: writeRpc };
 }
-function createWallet(rpcUrl) {
-  const privateKey = process.env.RUNNER_PRIVATE_KEY;
-  if (!privateKey) throw new Error("RUNNER_PRIVATE_KEY environment variable is required");
-  const rpc = rpcUrl || DEFAULT_RPC;
-  const account = (0, import_accounts2.privateKeyToAccount)(toHex(privateKey));
-  const walletClient = (0, import_viem2.createWalletClient)({ account, chain: import_chains2.bsc, transport: (0, import_viem2.http)(rpc) });
-  return { account, walletClient };
-}
 function createReadOnlyClient(rpcUrl) {
   const rpc = rpcUrl || process.env.SHLL_RPC || DEFAULT_RPC;
   return (0, import_viem2.createPublicClient)({
@@ -2421,59 +2408,48 @@ async function getHistory(tokenIdRaw, limit) {
     recentPolicyRejections: rejections.length
   };
 }
-async function updateRiskConfig(tokenIdRaw, options) {
-  if (!options.txLimit && !options.dailyLimit && !options.cooldown) {
-    throw new SkillError("INVALID_INPUT", "Must specify at least one policy config option");
-  }
+async function getPolicyConfigGuidance(tokenIdRaw, rpcUrl) {
   const tokenId = parseTokenId(tokenIdRaw);
-  const { publicClient, policyClient, rpc } = createClients(options.rpcUrl);
-  await ensureAccess(tokenId, rpc, publicClient);
-  const { walletClient } = createWallet(rpc);
+  const { publicClient, policyClient } = createClients(rpcUrl);
   const policies = await policyClient.getPolicies(tokenId);
-  const results = [];
-  if (options.txLimit || options.dailyLimit) {
-    const spendingPolicy = policies.find((policy) => policy.policyTypeName === "spending_limit");
-    if (!spendingPolicy) {
-      throw new SkillError("NOT_FOUND", "No SpendingLimitPolicy found");
+  const consoleUrl = agentConsoleUrl(tokenId);
+  const currentConfig = {};
+  const spendingPolicy = policies.find((p) => p.policyTypeName === "spending_limit");
+  if (spendingPolicy) {
+    try {
+      const [maxPerTx, maxPerDay, maxSlippageBps] = await publicClient.readContract({
+        address: spendingPolicy.address,
+        abi: SPENDING_LIMIT_ABI,
+        functionName: "instanceLimits",
+        args: [tokenId]
+      });
+      currentConfig.spendingLimit = {
+        maxPerTx: (Number(maxPerTx) / 1e18).toFixed(4) + " BNB",
+        maxPerDay: (Number(maxPerDay) / 1e18).toFixed(4) + " BNB",
+        slippageBps: maxSlippageBps.toString()
+      };
+    } catch {
     }
-    const current = await publicClient.readContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "instanceLimits",
-      args: [tokenId]
-    });
-    const [curMaxPerTx, curMaxPerDay, curSlippage] = current;
-    const hash = await walletClient.writeContract({
-      address: spendingPolicy.address,
-      abi: SPENDING_LIMIT_ABI,
-      functionName: "setLimits",
-      args: [
-        tokenId,
-        options.txLimit ? parseAmount(options.txLimit, 18) : curMaxPerTx,
-        options.dailyLimit ? parseAmount(options.dailyLimit, 18) : curMaxPerDay,
-        curSlippage
-      ]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`SpendingLimit updated: ${hash}`);
   }
-  if (options.cooldown) {
-    const cooldownPolicy = policies.find((policy) => policy.policyTypeName === "cooldown");
-    if (!cooldownPolicy) {
-      throw new SkillError("NOT_FOUND", "No CooldownPolicy found");
+  const cooldownPolicy = policies.find((p) => p.policyTypeName === "cooldown");
+  if (cooldownPolicy) {
+    try {
+      const cooldown = await publicClient.readContract({
+        address: cooldownPolicy.address,
+        abi: COOLDOWN_ABI,
+        functionName: "cooldownSeconds",
+        args: [tokenId]
+      });
+      currentConfig.cooldown = { seconds: Number(cooldown) };
+    } catch {
     }
-    const hash = await walletClient.writeContract({
-      address: cooldownPolicy.address,
-      abi: COOLDOWN_ABI,
-      functionName: "setCooldown",
-      args: [tokenId, BigInt(options.cooldown)]
-    });
-    await publicClient.waitForTransactionReceipt({ hash });
-    results.push(`Cooldown updated: ${hash}`);
   }
   return {
-    status: "success",
-    details: results
+    status: "read_only",
+    tokenId: tokenIdRaw,
+    currentConfig,
+    message: "Policy modification via Skills is disabled. Please use the web console to adjust your security settings.",
+    consoleUrl
   };
 }
 function dedupeStrings(values) {
@@ -2750,20 +2726,13 @@ function registerAgentTools(server2) {
   );
   server2.tool(
     "config",
-    "Configure risk parameters",
+    "View current risk parameters and get a link to the web console for modifications",
     {
-      token_id: CommonSchemas.tokenId.describe("Agent Token ID"),
-      tx_limit: import_zod5.z.string().optional().describe("Max BNB per tx"),
-      daily_limit: import_zod5.z.string().optional().describe("Max BNB per day"),
-      cooldown: import_zod5.z.string().optional().describe("Seconds between tx")
+      token_id: CommonSchemas.tokenId.describe("Agent Token ID")
     },
-    async ({ token_id, tx_limit, daily_limit, cooldown }) => {
+    async ({ token_id }) => {
       try {
-        return asToolResult5(await updateRiskConfig(token_id, {
-          txLimit: tx_limit,
-          dailyLimit: daily_limit,
-          cooldown
-        }));
+        return asToolResult5(await getPolicyConfigGuidance(token_id));
       } catch (error) {
         return formatMcpError(error);
       }

package/dist/mcp.mjs

@@ -11,6 +11,7 @@ import {
   getBalance,
   getFourMemeInfo,
   getHistory,
+  getPolicyConfigGuidance,
   getPolicySummary,
   getPortfolio,
   getPrice,
@@ -24,9 +25,8 @@ import {
   sellFourMeme,
   transferFromVault,
   unwrapWbnb,
-  updateRiskConfig,
   wrapBnb
-} from "./chunk-5GV6AGSA.mjs";
+} from "./chunk-MPUPO5EJ.mjs";
 
 // src/mcp.ts
 import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
@@ -303,20 +303,13 @@ function registerAgentTools(server2) {
   );
   server2.tool(
     "config",
-    "Configure risk parameters",
+    "View current risk parameters and get a link to the web console for modifications",
     {
-      token_id: CommonSchemas.tokenId.describe("Agent Token ID"),
-      tx_limit: z4.string().optional().describe("Max BNB per tx"),
-      daily_limit: z4.string().optional().describe("Max BNB per day"),
-      cooldown: z4.string().optional().describe("Seconds between tx")
+      token_id: CommonSchemas.tokenId.describe("Agent Token ID")
     },
-    async ({ token_id, tx_limit, daily_limit, cooldown }) => {
+    async ({ token_id }) => {
       try {
-        return asToolResult5(await updateRiskConfig(token_id, {
-          txLimit: tx_limit,
-          dailyLimit: daily_limit,
-          cooldown
-        }));
+        return asToolResult5(await getPolicyConfigGuidance(token_id));
       } catch (error) {
         return formatMcpError(error);
       }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "shll-skills",
-    "version": "6.0.1",
+    "version": "6.0.2",
     "description": "SHLL DeFi Agent - CLI + MCP Server for BSC",
     "main": "dist/index.js",
     "bin": {