Robotic systems lack a principled abstraction for organizing intelligence, capabilities, and execution in a unified manner. Existing approaches either couple skills within monolithic architectures or decompose functionality into loosely coordinated modules or multiple agents, often without a coherent model of identity and control authority. We argue that a robot should be modeled as a single persistent intelligent subject whose capabilities are extended through installable packages. We formalize this view as AEROS (Agent Execution Runtime Operating System), in which each robot corresponds to one persistent agent and capabilities are provided through Embodied Capability Modules (ECMs). Each ECM encapsulates executable skills, models, and tools, while execution constraints and safety guarantees are enforced by a policy-separated runtime. This separation enables modular extensibility, composable capability execution, and consistent system-level safety. We evaluate a reference implementation in PyBullet simulation with a Franka Panda 7-DOF manipulator across eight experiments covering re-planning, failure recovery, policy enforcement, baseline comparison, cross-task generality, ECM hot-swapping, ablation, and failure boundary analysis. Over 100 randomized trials per condition, AEROS achieves 100% task success across three tasks versus baselines (BehaviorTree.CPP-style and ProgPrompt-style at 92--93%, flat pipeline at 67--73%), the policy layer blocks all invalid actions with zero false acceptances, runtime benefits generalize across tasks without task-specific tuning, and ECMs load at runtime with 100% post-swap success.

翻译：机器人系统缺乏一种原则性的抽象，能够以统一的方式组织智能、能力和执行过程。现有方法要么将技能耦合在单一架构中，要么将功能分解为松散协调的模块或多智能体系统，但通常缺乏对身份和控制权限的一致建模。我们认为，机器人应被建模为一个单一的持久智能主体，其能力通过可安装包进行扩展。我们将这一观点形式化为AEROS（智能体执行运行时操作系统），其中每个机器人对应一个持久智能体，能力通过具身能力模块（ECM）提供。每个ECM封装了可执行技能、模型和工具，而执行约束和安全保证则由策略分离的运行时强制执行。这种分离机制实现了模块化可扩展性、可组合的能力执行以及一致的系统级安全性。我们在PyBullet仿真环境中，使用Franka Panda七自由度机械臂对参考实现进行了评估，涉及八组实验，涵盖重规划、故障恢复、策略执行、基线对比、跨任务泛化性、ECM热插拔、消融研究和失败边界分析。在每种条件下进行超过100次随机试验，AEROS在三项任务中实现了100%的任务成功率（对比基线：BehaviorTree.CPP风格和ProgPrompt风格为92-93%，扁平流水线为67-73%），策略层以零误接受率阻止了所有无效动作，运行时收益无需任务特定调优即可跨任务泛化，且ECM在运行时加载实现了100%的交换后成功率。