ClawHub

The ultimate Multi-Agent System for Building Automation

v2.0.6

Multi-Agent System for Building Automation powered by S2-SWM. Fully localized thermodynamic causality, local subsystem optimization, and unified Ed25519 zero...

0· 45·0 current·0 all-time
byMilesXiang@spacesq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires walletCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (BAS MAS with local PKI and zero-trust dispatch) match what the package requests and implements: it reads/writes a local governance folder (s2_bas_governance), generates/verifies Ed25519 signatures, and requires a master key to encrypt/decrypt the lord private key. Requesting a single master key and access to the governance path is proportionate to signing/verification and ledger duties.
Instruction Scope
SKILL.md explicitly prohibits external network access and instructs local validation of building_sovereignty_ledger.json; the code likewise operates on local files and simulated data only. However, SKILL.md triggered a prompt‑injection detection (unicode-control-chars) which may be an attempt to influence agent behavior or metadata parsing — this is not necessary for normal BAS functionality and should be removed/inspected. Also the SKILL.md declares filesystem read/write for s2_bas_governance/* which aligns with the code reading/writing keys and ledger.
Install Mechanism
There is no install spec (instruction-only), and all code files are provided in the bundle (no remote downloads). This lowers supply-chain risk. That said, the code depends on the Python 'cryptography' library (and likely others listed in requirements.txt); because there is no install script, the operator must ensure required packages are present. Verify and install dependencies from trusted registries before running.
Credentials
Only one required environment variable is declared: S2_BMS_MASTER_KEY. The code uses this to encrypt/decrypt the Ed25519 private key and will fall back to a random value if not provided. Asking for a single master password is proportionate to the declared PKI operations and is not excessive.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The skill creates and modifies files only under s2_bas_governance (its own namespace). It does not request system-wide configuration or other skills' credentials. It writes persistent keys and ledgers to its own directory — expected for this purpose; secure storage and backups are the operator's responsibility.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained unicode-control characters which triggered a prompt-injection pattern detector. The functional purpose of the skill does not require control characters; inspect and remove any hidden control characters before trusting the skill's text or automated parsing.
Assessment
This skill appears internally consistent for an offline building automation multi-agent system: it needs a single master password (S2_BMS_MASTER_KEY) and read/write access to its own governance directory (s2_bas_governance/) so it can create/read the ledger and sign/verify Ed25519 dispatch tokens. Before installing: 1) Inspect and remove any hidden/control characters from SKILL.md (pre-scan flagged unicode-control-chars). 2) Run the code in an isolated test environment (no network) and verify behavior matches expectations. 3) Ensure Python dependencies (cryptography, etc.) are installed from trusted sources (requirements.txt) — the bundle has no install script. 4) Protect the s2_bas_governance directory and back up the public key; only store S2_BMS_MASTER_KEY on hosts you control (avoid multi-tenant/shared shells). 5) Review the provided code for the minor formatting/indentation issues observed in some runtime/demo blocks (these may produce runtime errors but are not in themselves malicious). If you need fully air-gapped operation or hardware actuation, confirm how the system will be integrated with your PLC/SCADA and consider further operational security review.

Like a lobster shell, security has layers — review code before you run it.

latestvk976sqmrgxm3y5qg2rgxv9ba6d84ftzp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments