Security Scan
OpenClaw
Safe
high confidence
Assessment and Recommendations
This skill appears coherent and implements the consent-first behavior described in its documentation, but before installing you should: (1) verify that the OpenClaw runtime will prompt the user and block any sensor reads until explicit consent is given (the SKILL.md requires this but the manifest still lists geolocation/device permissions); (2) consider whether granting 'localhost' network access is acceptable (it could communicate with local BMS or home-automation services); (3) review handler....
✓ Purpose and Capabilities
The name/description (nomad agent: geolocation, claiming P-SSSU slots, boundary negotiation) align with the included files: SKILL.md specifies user-consent flows and the handler.py implements ledger, claim, and ripple expansion logic. Declared permissions (geolocation, environmental_sensors, execute_nomad_expansion) match the described capabilities.
ℹ Instruction Scope
SKILL.md explicitly requires explicit user consent prior to reading GPS or invoking expansion tools, which is good. However, the plugin manifest declares device permissions (geolocation/environmental_sensors). That is coherent with the feature set, but it raises an operational question: the platform must enforce the SKILL.md consent flow rather than allowing silent sensor access. Confirm that the runtime enforces human-in-the-loop checks before any sensor read or tool invocation.
✓ Installation Mechanism
No install spec or external downloads are present; this is effectively an instruction-only skill with an included Python handler. Nothing is fetched from remote URLs or written to unusual locations.
✓ Credential Requirements
The skill requests no environment variables or credentials. The capabilities and permissions are proportionate to a geolocation/territory management tool. There are no unrelated secrets requested.
ℹ Persistence and Permissions
always is false and the skill does not request system-wide configuration changes. The manifest grants network access to localhost; while that's reasonable for interacting with local BMS or telemetry services (mentioned in SKILL.md), localhost access can touch sensitive local services. Ensure the platform prompts before granting those permissions and that the skill cannot enable persistent background sensor reads without consent.
Security is layered; review the code before running it.
Runtime Dependencies
No special dependencies
Version
latest v1.1.0 2026/4/5
● Benign
Install Command
Official: npx clawhub@latest install s2-nomad-agent-protocol
Mirror: npx clawhub@latest install s2-nomad-agent-protocol --registry https://cn.longxiaskill.com