S2-BAS-Causal-OS (S2 Building Automation Causal Operating System)

v1.1.0

A thermodynamic physics engine for BAS. Equips the agent with SSSU spatial mapping, thermal calibration, and Causal Lookahead Control (CLC) prediction. Inclu...

by MilesXiang@spacesq
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name, README, SKILL.md, and code consistently describe a thermodynamic CLC predictor for BAS and a dual-track authorization model. Declared permissions (tool: execute_bas_causal_os, network: localhost) align with on-device/edge BAS integration; no unrelated environment variables, binaries, or external-cloud credentials are requested.
Instruction Scope
SKILL.md confines the agent to an advisory/control role and mandates authorization checks before physical actions. However, the runtime code embeds a simulated registry and performs authorization by comparing supplied tokens to hardcoded strings; token issuance/verification mechanisms (how BMS returns Dispatch_Token or how Owner_Token is provisioned) are not specified. The handler includes implementation placeholders (predict_clc called with ellipses) and possible imports/exception gaps, indicating incomplete code rather than malicious instructions.
Install Mechanism
No install spec — instruction-only with a small python handler file. No downloads, third-party install sources, or archive extraction are present.
Credentials
The skill requests no environment variables or external credentials. The only sensitive artifacts are token-like strings embedded in code (bms_pub_key, owner_id) — these are hardcoded for simulation and not requested from the environment, which is functionally conservative but insecure if used in production.
Persistence & Privilege
always:false and user-invocable; plugin permissions are limited to localhost network and a named tool. The skill does not request system-wide changes to other skills or global config. No evidence of persistent escalation or automatic enablement.
Assessment
This skill appears coherent with its BAS prediction and dual-track auth goals, but treat it as prototype code: do not deploy in production until the BMS/owner token exchange is clearly specified and implemented, remove hardcoded keys from source, ensure cryptographic verification of Dispatch_Token/Owner_Token (not simple equality checks), verify there are no unexpected network endpoints beyond localhost, and perform a code review and functional tests in an isolated environment. If you plan to integrate with a real BMS, require an auditable token issuance flow and never supply real credentials to this skill until those safeguards are implemented.

Like a lobster shell, security has layers — review code before you run it.
