← Back to Skills Marketplace
spacesq

S2 Mothership [3.22 Native]

by MilesXiang · GitHub ↗ · v1.1.3 · MIT-0
cross-platform ⚠ suspicious
133
Downloads
0
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install s2-space-agent-os-mothership
Description
A spatial logic framework for Openclaw. Provides local state compression and coordinate management safely isolated in user space.
Usage Guidance
This package contains many source files that implement local databases, device adapters (Tuya, Home Assistant), LLM calls to localhost, and a vault/backup system — so its behavior broadly matches a home-agent OS. However: 1) metadata inconsistencies (registry says no env vars/binaries, SKILL.md lists several) are red flags — ask the publisher to correct and explain them; 2) do not provide HA_TOKEN/TUYA_SECRET or other secrets until you (or a trusted reviewer) have audited the actuator adapter code paths that use them; 3) verify that the code truly refuses network/cloud calls when credentials are absent (search for unconditional requests.post calls or code paths that fall back to cloud); 4) run the package in an isolated sandbox or VM first (no real home devices, no real tokens) and monitor network traffic and filesystem writes; 5) inspect handler.py and any entrypoint for exec() usage or dynamic code execution, and search files for hidden/control characters or obfuscated strings; 6) the repeated dual-licensing/legal notices are unusual — ensure the license terms meet your intended use (they claim non-commercial only). Given the mismatches and the prompt-injection signal, treat this skill as suspicious until you can confirm the code and runtime behavior.
Capability Analysis
Type: OpenClaw Skill Name: s2-space-agent-os-mothership Version: 1.1.3 This bundle is a comprehensive framework for spatial management and IoT orchestration. It implements high-risk capabilities such as port scanning for device discovery (universal_scanner.py, s2_vision_projection.py) and system-level network metadata retrieval via 'arp' commands (s2_fortress_boot.py), but these are clearly aligned with its stated purpose as a smart home 'Mothership.' The code demonstrates security awareness through the inclusion of SSRF protections in its hardware adapters (e.g., s2_ha_local_adapter.py) and lacks any indicators of malicious intent, such as data exfiltration or unauthorized persistence.
Capability Assessment
Purpose & Capability
The skill's description (spatial logic / local state compression) is consistent with the included Python modules (chronos, vault, actuators, adapters). However the registry metadata claims 'required env vars: none' and 'required binaries: none', while the SKILL.md frontmatter lists environment variables (HA_TOKEN, TUYA_CLIENT_ID, TUYA_SECRET, S2_PRIVACY_CONSENT, etc.), required binaries (python3, sqlite3) and pip packages. Also the package is marked 'instruction-only' in the registry but the bundle contains many code files — these metadata vs. content mismatches are incoherent and warrant caution.
Instruction Scope
SKILL.md allows tools exec, file_read, file_write, http_request and its code shows network calls (requests) to localhost LLM endpoints and cloud adapters (Tuya/HA). Files perform local DB writes, create hidden mirror directories, and read files under their own data dirs. That activity is coherent for a home automation/agent OS, but the instructions claim strict sandboxing and 'will exit if env vars are not provided' — you should verify those checks (they may be present but rely on code paths). SKILL.md also includes embedded full source and a statement that unicode-control-chars were removed, yet a prompt-injection pattern was detected; this ambiguity plus the allowed exec/http_request privileges increases risk if secrets are provided.
Install Mechanism
No install spec is provided (instruction-only), which reduces installer-level risk. However the repository includes many Python modules and a requirements.txt; installing or running this skill will likely require creating files and running Python code locally. Because there is no formal install process declared, how those files are placed and executed is unclear — inspect run-time entrypoints or handler.py before executing.
Credentials
SKILL.md frontmatter requests several sensitive environment values (HA_TOKEN, TUYA_CLIENT_ID, TUYA_SECRET) and flags for real actuation. Those credentials are plausible for a smart-home actuator skill, but the registry metadata claims no required env vars — an unexplained mismatch. Granting cloud tokens would allow the skill to call external APIs; if you don't trust the author or haven't inspected adapters (s2_tuya_cloud_adapter, s2_ha_local_adapter), do not provide secrets.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The code creates user-space directories (s2_data_cache, s2_state_backup, s2_local_context_logs) and writes databases & signatures; that is expected for a stateful agent. There is no manifested request to modify other skills or system-wide configs, but the skill does create a hidden mirror directory and writes signature files — reasonable for a vault/backup feature but verify paths and permissions locally. Because the agent can perform exec and http_request, giving it secrets increases its blast radius; combine that with the other inconsistencies before granting persistent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install s2-space-agent-os-mothership
  3. After installation, invoke the skill by name or use /s2-space-agent-os-mothership
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.3
- Added 17 new files, primarily under the s2-clean-v112/.git/ directory, including hooks and info folders. - No changes to core skill logic or user-facing documentation. - No visible updates to SKILL.md; version number remains at 1.1.0 in documentation.
v1.1.2
- Migrated core skill files from s2-os-core/ to s2-clean-v112/, reflecting a major directory structure refactor. - All 64 module and support files were replaced with updated versions, maintaining functionality coverage. - No changes to SKILL.md metadata or descriptive documentation. - No updates or additions to public APIs, configuration parameters, or user-facing features.
v1.1.1
v1.1.1 Security & Compliance Update: Formatted YAML metadata so the registry correctly parses all required ENV vars (HA_TOKEN, TUYA_CLIENT_ID, S2_PRIVACY_CONSENT, etc.) and bins. Hard-sandboxed the local context sync tool. Removed all cross-directory "memory-hook" logic. It now strictly isolates to its own ./s2_local_context_logs and DOES NOT read other agents' logs. Removed all hidden directories (e.g., .s2_raid_mirror_vault) to comply with persistence policies. Cleaned up unicode control characters and legacy comments. Fully aligned with 3.22 safety guidelines.
v1.1.0
- Full 3.22 SDK and Plugin compatibility: refactored S2 Mothership to support Openclaw 2026.3.22-beta.1 and the new Heartbeat mechanism. - Added Silicon Three Laws safety hypervisor with instant physical circuit breaker to block unsafe commands before reaching actuators. - Introduced OS-level privacy consent and strict zero-trust actuator token management for enhanced security. - Provides a 4D TSDB Memory Array (Chronos) for robust spatial and temporal memory. - Supports spatial pod assignment, enabling coordinated multi-agent deployments across different physical spaces. - Compatible with ClawHub as the new primary distribution and designed for seamless multi-room orchestration.
Metadata
Slug s2-space-agent-os-mothership
Version 1.1.3
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 4
Frequently Asked Questions

What is S2 Mothership [3.22 Native]?

A spatial logic framework for Openclaw. Provides local state compression and coordinate management safely isolated in user space. It is an AI Agent Skill for Claude Code / OpenClaw, with 133 downloads so far.

How do I install S2 Mothership [3.22 Native]?

Run "/install s2-space-agent-os-mothership" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is S2 Mothership [3.22 Native] free?

Yes, S2 Mothership [3.22 Native] is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does S2 Mothership [3.22 Native] support?

S2 Mothership [3.22 Native] is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created S2 Mothership [3.22 Native]?

It is built and maintained by MilesXiang (@spacesq); the current version is v1.1.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments