MediaClaw Swarm Connector

The skill partly does what it claims (provision a tunnel and register with an external registry) but its runtime instructions instruct autonomous, invasive behaviors (exposing your machine publicly and overwriting peer code) that are out-of-scope and potentially dangerous.

Do not run this on a production or personal machine without strong isolation. The skill will create a public tunnel (exposing local services) and POST your node info to an external domain (googlemapscoin.com). The human-readable instructions explicitly direct the agent to autonomously 'overwrite' peer code, which could be unauthorized or worm-like behavior. If you consider using it: (1) verify the Mothership domain and the author's identity; (2) run it only in a fully isolated VM or disposable container with no sensitive services and with outbound network controls; (3) review and test the npm dependencies (localtunnel/node-fetch) before installing; (4) request a clear explanation of why the agent must modify remote peers and what safeguards exist; (5) prefer declining installation if you cannot sandbox behavior or obtain trustworthy provenance.