Modified 4 files

- Modified files:
.devx/6-agent-safety/img/defense_layers_comparison.mmd,
.devx/6-agent-safety/img/enforcement_spectrum.mmd,
.devx/6-agent-safety/img/nemoclaw_stack.mmd, README.md

Author: nv-edwli

.devx/6-agent-safety/img/defense_layers_comparison.mmd

@@ -22,7 +22,7 @@ graph LR
         end
 
         subgraph "Data (NEW in M6)"
-            L8["Layer 8: Privacy Router<br/>(Module 6)<br/>Sensitivity classification"]
+            L8["Layer 8: Privacy Router<br/>(Module 6)<br/>Operator-chosen routing"]
         end
     end
 

.devx/6-agent-safety/img/enforcement_spectrum.mmd

@@ -15,7 +15,7 @@ graph LR
         C1["Landlock LSM<br/>Per-path file access"]
         C2["seccomp BPF<br/>Syscall filtering"]
         C3["Network Proxy<br/>Per-endpoint control"]
-        C4["Privacy Router<br/>Data classification"]
+        C4["Privacy Router<br/>Operator-chosen routing"]
     end
 
     A1 --> A2 --> A3

.devx/6-agent-safety/img/nemoclaw_stack.mmd

@@ -6,28 +6,35 @@ graph TB
             OC["OpenClaw Agent<br/>SOUL.md + HEARTBEAT.md<br/>Markdown memory"]
         end
 
+        subgraph "Application Layer (your code, Exercise 5)"
+            CL["Content Classifier<br/>PII / proprietary / public"]
+        end
+
         subgraph "Routing Layer"
-            PR["Privacy Router<br/>Data classification<br/>Local vs. Cloud routing"]
+            PR["Privacy Router (inference.local)<br/>Credential injection<br/>+ operator-chosen backend"]
         end
 
         subgraph "Inference Layer"
-            NEM["Nemotron 3 Nano 4B<br/>Local inference<br/>(sensitive data)"]
-            CLOUD["Cloud Frontier Model<br/>Remote inference<br/>(public data)"]
+            NEM["Nemotron 3 Nano 4B<br/>Local inference"]
+            CLOUD["Cloud Frontier Model<br/>Remote inference"]
         end
 
         subgraph "Enforcement Layer"
             OS["OpenShell Runtime<br/>Landlock + seccomp + network proxy"]
-            POL["Policy YAML<br/>filesystem + process + network"]
+            POL["Policy YAML + openshell inference set<br/>filesystem + process + network + backend"]
         end
     end
 
-    OC -->|"All queries"| PR
-    PR -->|"Restricted /<br/>Confidential"| NEM
-    PR -->|"Public"| CLOUD
+    OC -->|"All queries"| CL
+    CL -->|"Routes per sensitivity"| PR
+    PR -->|"When operator backend = local"| NEM
+    PR -->|"When operator backend = cloud"| CLOUD
     OS -->|"Enforces"| OC
     POL -->|"Configures"| OS
+    POL -.->|"Sets active backend"| PR
 
     style OC fill:#9c27b0,color:#fff
+    style CL fill:#ffeb3b,color:#000
     style PR fill:#ff9800,color:#000
     style NEM fill:#2196f3,color:#fff
     style CLOUD fill:#673ab7,color:#fff

README.md

@@ -9,7 +9,7 @@ This workshop provides everything you need to become proficient in agentic AI de
 * **Module 3 - Agent Evaluation**: Learn to measure and improve agent quality using RAGAS metrics and LLM-as-a-judge techniques
 * **Module 4 - Agent Customization**: Customize your agent beyond prompt engineering and tools with agent skills and reinforcement learning (RL).
 * **Module 5 - Deep Agents**: Build deep agents that autonomously handle complex, multi-step tasks—and learn to run them safely and securely in production with sandboxing and isolation.
-* **Module 6 - Agent Safety**: Secure autonomous agents with kernel-level enforcement (OpenShell), data sensitivity routing (Privacy Router), red-team testing, and continuous safety evaluation using NVIDIA's NemoClaw stack.
+* **Module 6 - Agent Safety**: Secure autonomous agents with kernel-level enforcement (via OpenShell) and privacy routing using NVIDIA's NemoClaw stack.
 
 At the end of this workshop, you will take home:
 
@@ -91,13 +91,13 @@ Build autonomous agents that handle complex, multi-step tasks with planning and
 
 Secure autonomous agents with kernel-level enforcement, data routing, and continuous safety evaluation.
 
-**What you'll build**: A safety evaluation suite that validates OpenShell policies, classifies sensitive data for local/cloud routing, runs red-team probes against a live OpenClaw agent, and scores agent behavior using LLM-as-judge — the same patterns used in NVIDIA's NemoClaw stack.
+**What you'll build**: An OpenClaw personal assistant agent that executes inside and outside of an Openshell sandbox, complete with network and filesystem policies that demonstrate how the NVIDIA NemoClaw reference stack improves agent security.
 
 **Key concepts**:
 - Why application-level controls (M4) and container isolation (M5) are insufficient for always-on agents
 - Setting up and running an OpenClaw autonomous agent
 - Kernel-level enforcement with OpenShell (Landlock LSM, seccomp BPF, OPA proxy)
-- Data sensitivity classification and local/cloud routing (Privacy Router)
+- Improved security for routing inference via a privacy router
 - Red-team testing with adversarial probes
 - Safety evaluation using LLM-as-judge (extending M3's evaluation framework)
 - The NemoClaw reference architecture (OpenClaw + OpenShell + Nemotron + Privacy Router)