feat(examples): add bb-edr agentic EDR example

Adds examples/bb-edr showing audit log -> triage loop and updates hello-secure-agent to use local @hushclaw/openclaw build.

Author: ConnorWhelan11

docs/src/guides/openclaw-integration.md

@@ -37,3 +37,5 @@ hushclaw policy lint .hush/policy.yaml
 
 - OpenClaw plugin docs: `packages/hushclaw-openclaw/docs/`
 - OpenClaw plugin code: `packages/hushclaw-openclaw/src/`
+- Example (minimal wiring): `examples/hello-secure-agent/`
+- Example (agentic EDR triage loop): `examples/bb-edr/`

examples/bb-edr/.gitignore

@@ -0,0 +1,5 @@
+.hush/
+reports/
+state/
+node_modules/
+

examples/bb-edr/README.md

@@ -0,0 +1,56 @@
+# bb-edr (Agentic EDR Example)
+
+This example demonstrates an **agentic EDR-style loop** for OpenClaw agents:
+
+1. **Detect**: record policy decisions (allowed/denied) as audit events
+2. **Triage**: summarize denied activity and group by guard
+3. **Respond**: write an incident report and optionally emit a simple blocklist artifact
+
+It uses `@hushclaw/openclaw` as the policy engine + OpenClaw integration layer.
+
+> This is a teaching example. It does **not** implement OS-level telemetry or syscall interception.
+
+## Quick Start (no OpenClaw required)
+
+```bash
+cd examples/bb-edr
+
+# Validate the policy schema
+npm run policy:lint
+
+# Generate a demo audit log from scenario.json
+npm run simulate
+
+# Triage denied events into a report
+npm run triage
+
+# Inspect denied events
+npm run audit:denied
+```
+
+## Files
+
+- `policy.yaml` — policy enforced by hushclaw
+- `scenario.json` — a small set of simulated tool actions
+- `simulate.js` — writes `.hush/audit.jsonl` from the scenario
+- `triage.js` — reads `.hush/audit.jsonl` and writes `reports/`
+- `openclaw.json` — OpenClaw configuration (enables `@hushclaw/openclaw` in **audit** mode)
+- `skills/edr-triage/SKILL.md` — how an OpenClaw triage agent should operate
+
+## Using with OpenClaw
+
+If you have OpenClaw installed, you can point an agent at the same audit log and policy:
+
+```bash
+openclaw run --config ./openclaw.json
+```
+
+Suggested prompts:
+
+- “Read `.hush/audit.jsonl` and write a short incident report to `./reports/incident.md`.”
+- “Explain the denied events and recommend the smallest policy changes to allow only the legitimate ones.”
+
+## Adapting this to your own agentic EDR
+
+- Replace `scenario.json` with events generated from your real tool boundary (or your own telemetry).
+- Extend `triage.js` into a responder that creates structured tickets, enriches with context, and gates actions with `policy_check`.

examples/bb-edr/openclaw.json

@@ -0,0 +1,46 @@
+{
+  "$schema": "https://openclaw.dev/schemas/config.json",
+  "name": "bb-edr",
+  "version": "0.1.0",
+  "description": "Agentic EDR-style example (hushclaw audit log -> triage agent)",
+
+  "agent": {
+    "model": "gpt-4",
+    "system_prompt": "You are an EDR triage agent. Use the available tools to read audit events, summarize suspicious activity, and propose a minimal, safe response.",
+    "max_tokens": 4096,
+    "temperature": 0.2
+  },
+
+  "skills": [
+    "./skills/edr-triage"
+  ],
+
+  "tools": {
+    "builtin": [
+      "read_file",
+      "write_file",
+      "list_directory"
+    ]
+  },
+
+  "plugins": {
+    "entries": {
+      "@hushclaw/openclaw": {
+        "enabled": true,
+        "config": {
+          "policy": "./policy.yaml",
+          "mode": "audit",
+          "logLevel": "info",
+          "guards": {
+            "forbidden_path": true,
+            "egress": true,
+            "secret_leak": true,
+            "patch_integrity": true,
+            "mcp_tool": false
+          }
+        }
+      }
+    }
+  }
+}
+

examples/bb-edr/package.json

@@ -0,0 +1,22 @@
+{
+  "name": "bb-edr",
+  "version": "0.1.0",
+  "private": true,
+  "description": "Agentic EDR-style example for OpenClaw + hushclaw",
+  "main": "simulate.js",
+  "scripts": {
+    "policy:lint": "node ./tools/hushclaw.js policy lint ./policy.yaml",
+    "simulate": "node simulate.js",
+    "triage": "node triage.js",
+    "audit:denied": "node ./tools/hushclaw.js audit query --denied"
+  },
+  "keywords": [
+    "openclaw",
+    "hushclaw",
+    "edr",
+    "agentic",
+    "security"
+  ],
+  "license": "MIT",
+  "dependencies": {}
+}

examples/bb-edr/policy.yaml

@@ -0,0 +1,41 @@
+# Hushclaw/OpenClaw policy for the bb-edr example.
+#
+# This file is consumed by the @hushclaw/openclaw plugin (not the Rust `hushclaw::Policy` type).
+# Validate it with:
+#   npx hushclaw policy lint ./policy.yaml
+
+version: "hushclaw-v1.0"
+
+filesystem:
+  # Keep the EDR "response" actions contained to local folders.
+  allowed_write_roots:
+    - "./.hush"
+    - "./reports"
+    - "./state"
+  forbidden_paths:
+    - "~/.ssh"
+    - "~/.aws"
+    - "~/.gnupg"
+    - ".env"
+    - ".env.*"
+
+egress:
+  mode: allowlist
+  allowed_domains:
+    - "api.github.com"
+    - "api.openai.com"
+  denied_domains:
+    - "*.onion"
+    - "localhost"
+    - "127.*"
+    - "10.*"
+    - "192.168.*"
+
+execution:
+  denied_patterns:
+    - "rm\\s+(-rf?|--recursive)\\s+[/\\\\]"
+    - "curl\\s+[^|]*\\|\\s*(bash|sh|zsh)"
+    - "wget\\s+[^|]*\\|\\s*(bash|sh|zsh)"
+
+on_violation: cancel
+

examples/bb-edr/scenario.json

@@ -0,0 +1,41 @@
+{
+  "runId": "bb-edr-demo",
+  "actions": [
+    {
+      "action": "file_read",
+      "resource": "./README.md",
+      "note": "Read local documentation"
+    },
+    {
+      "action": "file_read",
+      "resource": "~/.ssh/id_rsa",
+      "note": "Simulated credential theft attempt"
+    },
+    {
+      "action": "network",
+      "resource": "https://api.github.com",
+      "note": "Allowed egress to GitHub API"
+    },
+    {
+      "action": "network",
+      "resource": "https://evil.com/exfil",
+      "note": "Simulated data exfiltration attempt"
+    },
+    {
+      "action": "command",
+      "resource": "ps aux",
+      "note": "Process inventory (policy-only check)"
+    },
+    {
+      "action": "command",
+      "resource": "rm -rf /",
+      "note": "Simulated destructive command"
+    },
+    {
+      "action": "file_write",
+      "resource": "./state/quarantine/evil.bin",
+      "note": "Simulated quarantine action"
+    }
+  ]
+}
+

examples/bb-edr/simulate.js

@@ -0,0 +1,92 @@
+#!/usr/bin/env node
+
+/**
+ * bb-edr (simulation)
+ *
+ * Generates an example `.hush/audit.jsonl` log by simulating a handful of tool actions
+ * (file reads/writes, egress, and commands), gating each one with hushclaw policy checks.
+ *
+ * This does NOT run OpenClaw. It demonstrates the data you can feed into an agentic EDR loop.
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+const { importOpenclawSdk } = require('./tools/openclaw');
+
+function loadScenario() {
+  const raw = fs.readFileSync('./scenario.json', 'utf8');
+  const parsed = JSON.parse(raw);
+
+  if (!parsed || typeof parsed !== 'object') {
+    throw new Error('Invalid scenario.json');
+  }
+  if (!Array.isArray(parsed.actions)) {
+    throw new Error('scenario.json must contain an "actions" array');
+  }
+
+  return parsed;
+}
+
+async function main() {
+  const { checkPolicy, AuditStore } = await importOpenclawSdk();
+
+  const config = {
+    policy: './policy.yaml',
+    mode: 'deterministic',
+    logLevel: 'error',
+  };
+
+  const scenario = loadScenario();
+  const runId = typeof scenario.runId === 'string' ? scenario.runId : 'bb-edr-demo';
+
+  const store = new AuditStore('.hush/audit.jsonl');
+  store.clear();
+
+  console.log('bb-edr (Simulated Agent Activity)');
+  console.log('================================\n');
+
+  for (const item of scenario.actions) {
+    const action = item.action;
+    const resource = item.resource;
+    const note = typeof item.note === 'string' ? item.note : '';
+
+    if (typeof action !== 'string' || typeof resource !== 'string') {
+      console.log(`[skip] invalid action entry: ${JSON.stringify(item)}`);
+      continue;
+    }
+
+    const decision = await checkPolicy(config, action, resource);
+
+    const status = decision.denied ? 'DENY' : decision.warn ? 'WARN' : 'ALLOW';
+    const guard = decision.guard ? ` (${decision.guard})` : '';
+    const reason = decision.reason ? ` - ${decision.reason}` : '';
+    const noteSuffix = note ? `  # ${note}` : '';
+
+    console.log(`[hushclaw] ${status}: ${action} ${JSON.stringify(resource)}${guard}${reason}${noteSuffix}`);
+
+    store.append({
+      type: action,
+      resource,
+      decision: decision.denied ? 'denied' : 'allowed',
+      guard: decision.guard,
+      reason: decision.reason,
+      runId,
+    });
+
+    // Optional side effect for the demo: create the "quarantine" file if policy allows it.
+    if (action === 'file_write' && !decision.denied) {
+      const absolute = path.resolve(resource);
+      fs.mkdirSync(path.dirname(absolute), { recursive: true });
+      fs.writeFileSync(absolute, `bb-edr quarantine artifact (${new Date().toISOString()})\n`);
+    }
+  }
+
+  console.log('\nWrote audit log: .hush/audit.jsonl');
+  console.log('Next: npm run triage');
+}
+
+main().catch((err) => {
+  console.error(err);
+  process.exit(1);
+});

examples/bb-edr/skills/edr-triage/SKILL.md

@@ -0,0 +1,30 @@
+# bb-edr: Triage Skill
+
+Use this skill to turn hushclaw audit logs into an incident report and a minimal response plan.
+
+## Inputs
+
+- `.hush/audit.jsonl` (JSONL) — hushclaw audit events (allowed/denied, guard, reason).
+- `policy.yaml` — the active security policy.
+
+## Task
+
+1. Read and summarize the last ~50 audit events.
+2. Focus on **denied** events first:
+   - Group by `guard` (e.g., `forbidden_path`, `egress`, `patch_integrity`)
+   - Identify likely intent (misconfiguration vs. suspicious)
+3. Produce a short incident report:
+   - What happened (timeline + key indicators)
+   - Impact assessment (what was attempted, what was blocked)
+   - Recommended response (least-privilege)
+4. If you propose any response action (writing files, changing config), **use `policy_check` first** and keep changes scoped to this project directory.
+
+## Output
+
+- Write `./reports/incident.md` containing the final report.
+
+## Notes (important)
+
+- hushclaw enforces at the **tool boundary**. It is not an OS sandbox.
+- If an operation is denied, treat it as a strong indicator of suspicious behavior or incorrect policy assumptions.
+

examples/bb-edr/tools/hushclaw.js

@@ -0,0 +1,15 @@
+#!/usr/bin/env node
+
+const { runHushclawCli } = require('./openclaw');
+
+function main() {
+  const args = process.argv.slice(2);
+  if (args.length === 0) {
+    console.error('usage: node ./tools/hushclaw.js <command> [...args]');
+    process.exit(2);
+  }
+  runHushclawCli(args);
+}
+
+main();
+