osModa Spawn: The Complete Guide to AI Agent Skills, Daemons & Trust Architecture
Inside the AI-native operating system powering autonomous infrastructure with 9 Rust daemons and post-quantum security
Autonomous AI agents need more than a container and an API key. They need an operating system designed from the ground up for agent autonomy, safety, and persistence. osModa delivers exactly that: a NixOS-based AI-native OS with 9 specialized Rust daemons, 72 system tools, and a three-ring trust model that makes self-healing agent infrastructure a reality. This guide explores every daemon, every skill, and every security layer in detail.
- 9 Rust Daemons
- 72 System Tools
- 17 System Skills
- 3 Trust Rings
What is osModa?
osModa is an AI-native operating system built on NixOS that transforms standard Linux servers into autonomous agent infrastructure. Unlike traditional hosting platforms that bolt AI capabilities onto existing architectures, osModa was designed from scratch for a world where AI agents are first-class citizens, capable of managing themselves, healing from failures, and operating autonomously within clearly defined safety boundaries.
The project is fully open-source under the Apache-2.0 license, with the complete codebase available on GitHub. At its core, osModa runs 9 specialized Rust daemons that provide everything an autonomous agent needs: process supervision, filesystem monitoring, background task automation, peer-to-peer networking, credential management, network filtering, speech I/O, learning pipelines, and MCP tool integration.
NixOS Foundation
Atomic rollbacks, reproducible builds, and declarative system configuration ensure agents never corrupt their own environment.
Rust-First Architecture
All 9 daemons are written in Rust for memory safety, zero-cost abstractions, and predictable performance under agent workloads.
Agent-First Security
Three-ring trust model, hash-chained audit trail, and post-quantum encrypted mesh ensure agents operate safely and verifiably.
Spawn: The Managed Hosting Platform
Spawn is the managed hosting arm of osModa. Instead of configuring NixOS yourself, Spawn provides one-click deployment with a web dashboard for monitoring, managing, and scaling your AI agent infrastructure. Think of it as "Vercel for autonomous agents": the full osModa stack, managed for you.
Spawn Dashboard Features
- One-click osModa deployment on dedicated hardware
- Real-time daemon health monitoring and alerts
- Agent activity logs with hash-chain verification
- Mesh network topology visualization
- Automated NixOS updates and rollbacks
- Credential vault management via web UI
- Resource usage analytics and scaling controls
- SSH and terminal access for advanced users
Community & Support
The osModa ecosystem is backed by an active developer community. Whether you're self-hosting or using Spawn, you have access to comprehensive support channels:
The 9 Rust Daemons: osModa's Nervous System
Each daemon is a standalone Rust binary managed by systemd. They communicate over Unix domain sockets and are orchestrated declaratively through NixOS modules. Here's what each one does:
agentd
Agent Supervisor & Lifecycle Manager
The central daemon that manages all agent processes. It handles agent spawning, lifecycle management, resource allocation, and graceful shutdown. When an agent crashes, agentd automatically restarts it with its last known state, implementing the self-healing capability that makes osModa unique.
osmoda-watch
Filesystem Monitor & Integrity Checker
Monitors the entire filesystem in real-time using inotify. Detects unauthorized modifications, tracks agent file operations, and maintains integrity checksums for critical system files. If an agent attempts to modify files outside its sandbox, osmoda-watch triggers an immediate alert and can invoke containment protocols.
osmoda-routines
Background Task Automation Engine
Executes scheduled and event-driven background tasks. Think of it as a smart cron that understands agent context. Routines can be triggered by time, filesystem events, network conditions, or agent requests. Each routine runs in an isolated sandbox with its own resource limits and audit trail.
osmoda-teachd
Learning Pipeline & Knowledge Manager
Manages the agent's learning pipeline: ingesting new knowledge, maintaining context windows, and organizing long-term memory. teachd handles document ingestion, embedding generation, retrieval-augmented generation (RAG) pipelines, and knowledge graph maintenance. Agents learn from their interactions and improve over time.
osmoda-mesh
Post-Quantum P2P Mesh Network
Implements peer-to-peer networking between osModa instances using ML-KEM-768 (Kyber) for post-quantum key encapsulation. Agents on different machines can securely communicate, share knowledge, and coordinate tasks without a central server. The mesh is self-organizing and resilient to node failures.
osmoda-voice
Speech Input/Output & Multi-Channel Communication
Handles speech-to-text and text-to-speech for voice-based agent interactions. Also manages multi-channel communication: agents can interact via CLI, HTTP API, WebSocket, and voice simultaneously. Supports local Whisper models for privacy-preserving speech recognition.
osmoda-mcpd
Model Context Protocol Daemon
Implements the Model Context Protocol (MCP) standard, allowing osModa agents to connect to any MCP-compatible tool server. This means agents can use external tools (databases, APIs, file systems, code interpreters) through a standardized interface. mcpd handles tool discovery, permission verification, and execution sandboxing.
osmoda-keyd
Credential Vault & Secret Manager
Manages all secrets, API keys, and credentials. Keys are encrypted at rest using the system's TPM (when available) and only decrypted in-memory for authorized agent operations. Supports automatic key rotation, access logging, and integration with external vaults like HashiCorp Vault.
osmoda-egress
Network Egress Filter & Traffic Controller
Controls all outbound network traffic from agent processes. Implements allowlist-based egress filtering so agents can only communicate with pre-approved endpoints. Prevents data exfiltration, blocks unauthorized API calls, and logs all network activity for audit. Integrates with osmoda-watch for correlated file+network anomaly detection.
72 System Tools: What Agents Can Actually Do
osModa ships with 72 built-in tools organized into functional categories. Each tool has explicit trust-ring requirements and audit logging. Here's the complete breakdown:
File & Directory (14 tools)
read_file, write_file, list_dir, create_dir, move_path, copy_path, delete_path, file_info, search_files, glob_files, watch_path, tail_file, checksum, disk_usage
All file operations are sandboxed to the agent's working directory (Ring 2) by default.
Process & System (10 tools)
run_command, spawn_process, kill_process, list_processes, system_info, env_get, env_set, nix_build, nix_shell, systemctl
Process tools require Ring 1 trust. nix_build and systemctl require Ring 0.
Network & HTTP (11 tools)
http_request, http_download, dns_resolve, port_scan, websocket_connect, mesh_send, mesh_broadcast, mesh_peers, egress_allow, egress_deny, egress_list
All outbound traffic is filtered by osmoda-egress. Mesh tools use post-quantum encryption.
Crypto & Security (9 tools)
encrypt, decrypt, sign, verify, hash, key_generate, key_store, key_retrieve, audit_log
Cryptographic operations use the system keyring via osmoda-keyd. Audit log is hash-chained.
AI & LLM (10 tools)
llm_chat, llm_complete, embed_text, embed_search, rag_ingest, rag_query, mcp_list_tools, mcp_call_tool, model_list, model_pull
Supports Claude, GPT-4, open-source models via Ollama, and any MCP server.
Data & Storage (8 tools)
kv_get, kv_set, kv_delete, kv_list, sqlite_query, sqlite_exec, json_parse, json_query
Built-in key-value store and SQLite for agent state persistence. JSON tools for structured data.
Scheduling & Automation (6 tools)
routine_create, routine_list, routine_cancel, timer_set, cron_add, cron_remove
Managed by osmoda-routines. Supports cron expressions and event-driven triggers.
Communication (4 tools)
notify, voice_transcribe, voice_synthesize, channel_send
Multi-channel notifications. Voice via osmoda-voice. Supports webhooks, email, and Telegram.
17 System Skills: Higher-Order Agent Capabilities
Skills are composable, higher-order capabilities that combine multiple tools into coherent workflows. While tools are atomic operations, skills orchestrate multi-step processes that agents use to accomplish complex objectives. Each skill documented on spawn.os.moda/skill includes trust requirements, tool dependencies, and usage examples.
Self-Heal
Detect failures, diagnose root cause, and automatically recover agent processes with state preservation.
Code Review
Analyze code changes, identify bugs and security issues, suggest improvements using LLM-powered analysis.
Deploy
Build, test, and deploy applications with NixOS reproducible builds and atomic rollback capability.
Monitor
Track system health, resource usage, daemon status, and agent performance with configurable alerts.
Backup
Create encrypted, incremental backups of agent state, knowledge bases, and system configuration.
Research
Gather, analyze, and synthesize information from the web and local knowledge bases using RAG pipelines.
Communicate
Send notifications, alerts, and reports via email, Telegram, webhooks, and voice channels.
Secure
Audit permissions, rotate credentials, check for vulnerabilities, and enforce security policies.
Learn
Ingest new knowledge, update embeddings, retrain retrieval models, and expand the agent's capabilities.
Automate
Create and manage background routines, scheduled tasks, and event-driven automation workflows.
Network
Manage mesh connections, peer discovery, and cross-node agent coordination with post-quantum encryption.
Configure
Manage NixOS configuration, daemon settings, and system parameters with declarative state management.
Debug
Inspect running processes, analyze logs, trace system calls, and diagnose performance issues.
Migrate
Transfer agent state, knowledge bases, and configurations between osModa instances.
Scale
Add mesh peers, distribute workloads, and horizontally scale agent infrastructure.
Audit
Review hash-chained audit trail, verify action integrity, and generate compliance reports.
Teach
Create teaching materials, document workflows, and train new agents using knowledge distillation.
Three-Ring Trust Architecture
osModa's security model is built on a three-ring trust architecture inspired by CPU privilege rings. Each ring defines what code can access and what actions are permitted. This model ensures agents cannot escape their sandbox while still having enough capability to be genuinely useful.
Ring 0 - System Core
Immutable NixOS root & daemon binaries
The most privileged ring. Contains the NixOS store, daemon binaries, kernel modules, and system configuration. No agent can modify Ring 0; it is read-only and managed exclusively through NixOS declarative configuration. Changes to Ring 0 require a full system rebuild, which creates an atomic snapshot that can be rolled back if anything goes wrong.
Ring 1 - User-Approved Tools
Explicit user consent required for each tool
Ring 1 contains tools and capabilities that require explicit user approval before agents can use them. This includes system commands, network access, credential retrieval, and process management. Each Ring 1 tool invocation is logged in the audit trail with the user approval record, creating a verifiable chain of authorized actions.
Ring 2 - Agent Sandbox
Restricted workspace with limited capabilities
The default agent workspace. Agents can freely read/write within their designated directory, use basic tools (file operations, JSON parsing, key-value storage), and interact through approved channels. All other operations require escalation to Ring 1 with user approval. Ring 2 operations are still logged but do not require per-action consent.
Hash-Chained Audit Trail
Every action across all three rings is recorded in a tamper-evident, hash-chained audit log. Each entry includes a SHA-256 hash of the previous entry, creating a blockchain-like chain of evidence. If any entry is modified after the fact, the chain breaks and the tampering is immediately detectable. This provides forensic-grade accountability for all agent operations.
[2026-03-01T14:23:01Z] ring=2 agent=research-bot action=read_file target=/workspace/data.json hash=a3f2...
[2026-03-01T14:23:02Z] ring=1 agent=research-bot action=http_request target=api.example.com prev=a3f2... hash=b7c1...
[2026-03-01T14:23:03Z] ring=2 agent=research-bot action=write_file target=/workspace/results.json prev=b7c1... hash=d4e9...
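The verification this section describes, as an added example (not osModa's own code). It parses lines in the format of the sample entries and assumes each hash is SHA-256 over the previous hash, timestamp and fields joined by "|", since the page does not specify the serialization; `expected_head` is a hypothetical copy of the newest hash kept outside the log.

```python
import hashlib
import re

# Line format as in the page's sample: [ts] key=value ... [prev=<hex>] hash=<hex>
LINE_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\] (?P<fields>.*?)(?: prev=(?P<prev>[0-9a-f]+))? hash=(?P<hash>[0-9a-f]+)$"
)

# Constructed sample records (fields mirror the page's sample; hashes are computed here).
RECORDS = [
    ("2026-03-01T14:23:01Z", "ring=2 agent=research-bot action=read_file target=/workspace/data.json"),
    ("2026-03-01T14:23:02Z", "ring=1 agent=research-bot action=http_request target=api.example.com"),
    ("2026-03-01T14:23:03Z", "ring=2 agent=research-bot action=write_file target=/workspace/results.json"),
]

def entry_hash(prev: str, ts: str, fields: str) -> str:
    # ASSUMPTION: the hash covers previous hash, timestamp and fields joined by "|".
    return hashlib.sha256(f"{prev}|{ts}|{fields}".encode()).hexdigest()

def build_log(records):
    """Produce chained log lines; the first entry has no prev= field."""
    lines, prev = [], ""
    for ts, fields in records:
        digest = entry_hash(prev, ts, fields)
        link = f" prev={prev}" if prev else ""
        lines.append(f"[{ts}] {fields}{link} hash={digest}")
        prev = digest
    return lines

def verify_chain(lines, expected_head=None):
    """Return (ok, reason). expected_head is the newest hash, stored outside the log."""
    prev = ""
    for i, line in enumerate(lines):
        m = LINE_RE.match(line)
        if not m:
            return False, f"entry {i}: unparseable"
        if (m["prev"] or "") != prev:
            return False, f"entry {i}: prev does not match preceding hash"
        if entry_hash(prev, m["ts"], m["fields"]) != m["hash"]:
            return False, f"entry {i}: content does not match hash"
        prev = m["hash"]
    if expected_head is not None and prev != expected_head:
        return False, "head hash differs from anchored value"
    return True, "ok"

if __name__ == "__main__":
    log = build_log(RECORDS)
    head = log[-1].rsplit("hash=", 1)[1]
    print(verify_chain(log, head))                              # intact log
    edited = [log[0], log[1].replace("api.example.com", "other.example"), log[2]]
    print(verify_chain(edited, head))                           # in-place edit
    print(verify_chain(log[:2]), verify_chain(log[:2], head))   # tail removed
```

Without an out-of-band copy of the newest hash, a log whose trailing entries were removed, or whose hashes were all recomputed after an edit, still passes the chain check.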
Post-Quantum P2P Mesh Networking
The osmoda-mesh daemon implements a decentralized peer-to-peer network that allows osModa instances to discover each other, share knowledge, and coordinate agent tasks, all without a central server. What makes it exceptional is the ML-KEM-768 (Kyber) post-quantum key encapsulation, which ensures that even future quantum computers cannot decrypt mesh traffic.
How the Mesh Works
1. Peer Discovery: Nodes announce themselves via mDNS on local networks or through bootstrap nodes for WAN.
2. Key Exchange: ML-KEM-768 handshake establishes a quantum-resistant shared secret between peers.
3. Channel Encryption: All subsequent communication uses AES-256-GCM with the post-quantum derived key.
4. Agent Coordination: Agents on different nodes can share tasks, transfer knowledge, and coordinate actions.
Why Post-Quantum Matters
Current public-key cryptography (RSA, ECDH) is vulnerable to quantum computers running Shor's algorithm. While large-scale quantum computers don't exist yet, adversaries can record encrypted traffic today and decrypt it when quantum computers become available, a "harvest now, decrypt later" attack.
osModa's mesh uses ML-KEM-768 (formerly known as CRYSTALS-Kyber), a NIST-standardized post-quantum algorithm. This means mesh traffic encrypted today will remain secure even against future quantum adversaries, which is critical for autonomous agents handling sensitive operations.
Safety Model & Emergency Commands
Autonomous agents need a kill switch. osModa provides three escalating emergency commands that provide instant containment at different severity levels:
STOP
Severity: Medium
Gracefully stops all running agent processes. Agents complete their current operation, save state, and shut down cleanly. Daemon services continue running for monitoring.
FREEZE
Severity: High
Immediately suspends all agent processes (SIGSTOP). No more operations execute, but process state is preserved in memory. Useful for investigation: you can inspect what agents were doing before deciding whether to resume or terminate.
LOCKDOWN
Severity: Critical
Nuclear option. Immediately kills all agent processes, blocks all network egress, locks the credential vault, and makes the agent workspace read-only. Only a system administrator with Ring 0 access can lift lockdown.
Defense-in-Depth Safety Layers
Three-Ring Trust Model
Agents operate in Ring 2 sandbox. Ring 1 requires explicit user approval. Ring 0 is immutable.
Egress Filtering
osmoda-egress blocks all outbound traffic not on the allowlist. No surprise API calls.
Filesystem Monitoring
osmoda-watch detects any unauthorized file modifications in real-time.
Hash-Chained Audit
Every action is recorded in a tamper-evident log. Nothing can be silently deleted.
NixOS Atomic Rollback
If the system enters a bad state, roll back to the last known-good configuration instantly.
Credential Isolation
osmoda-keyd only releases secrets to authorized operations. Keys are encrypted at rest.
Deployment: Spawn vs Self-Hosted
Spawn Managed Hosting
Deploy via spawn.os.moda for the fastest path to production. One-click deployment, managed updates, and a web dashboard for monitoring all 9 daemons.
- One-click deployment in minutes
- Automatic NixOS updates and security patches
- Web dashboard with real-time monitoring
- Managed backups and disaster recovery
- Technical support via Telegram and Discord
- No NixOS expertise required
Self-Hosted
Clone from GitHub and build on your own NixOS hardware. Full control over configuration, hardware, and networking. Apache-2.0 licensed, free forever.
- Full control over hardware and configuration
- Apache-2.0 license, no vendor lock-in
- Custom daemon configuration via NixOS modules
- Air-gapped deployment capability
- Community support via GitHub and Telegram
- Requires NixOS administration experience
git clone https://github.com/bolivian-peru/os-moda
cd os-moda && nix build .#osmoda
Ready to Deploy Autonomous AI Agents?
Whether you choose Spawn managed hosting or self-host the open-source stack, osModa gives your AI agents the infrastructure they need to operate autonomously, safely, and at scale.