4 specialised OpenClaw agents for Essential Eight ML2 compliance.
E8CR Squad is an open-source autonomous agent framework that continuously monitors and reports on your organisation's Essential Eight Maturity Level 2 compliance posture against a Microsoft 365 tenant.
┌─────────────────────────┐
│ run_all.py │
│ Unified Orchestrator │
└────────┬────────────────┘
│
┌──────────┬───────────┼───────────┬──────────┐
▼ ▼ ▼ ▼ │
┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐│
│ VM+PM │ │ Identity │ │ AppCtrl │ │ Backup ││
│ Bot │ │ Bot │ │ Bot │ │ Bot ││
│ │ │ │ │ │ │ ││
│ Patch │ │ MFA + │ │ WDAC + │ │ Regular ││
│ Apps/OS │ │ Admin │ │ Macros + │ │ Backups ││
│ │ │ Privs │ │ Hardening│ │ ││
└────┬─────┘ └────┬─────┘ └────┬─────┘ └────┬─────┘│
│ │ │ │ │
▼ ▼ ▼ ▼ │
Graph API Graph API Graph API Veeam/Azure │
Intune/MDVM Entra ID Intune Backup │
Greenbone │
CISA KEV │
│
┌───────────────────────────────┘
▼
┌─────────────┐
│ Unified │
│ Assessment │
│ Report │
└─────────────┘
Each bot is a fully autonomous OpenClaw operator with its own identity, memory, and operating doctrine — not just a script wrapper.
Most "AI security" repos are wrappers around Python scripts.
E8CR is built as four autonomous OpenClaw operators with distinct personalities, memory, and operating standards:
- VM+PM Bot — patch applications + patch OS
- Identity Bot — MFA + admin privilege governance
- Application Control Bot — WDAC/macros/hardening
- Backup Bot — backup monitoring + restore assurance
Each bot can reason and operate independently, with its own cadence and escalation logic.
Every bot includes:
SOUL.md— decision style + risk postureAGENTS.md— operational doctrine + human-in-the-loop controlsMEMORY.md— state, baselines, drift historyTOOLS.md— script semantics + interpretationHEARTBEAT.md— cadence + prioritiesSKILL.md— OpenClaw runtime interfacereferences/*.md— ML2 control requirements
E8CR is designed to run on your infrastructure, under your control:
- Data sovereignty: Compliance evidence never leaves your environment. No third-party SaaS sees your tenant's security posture.
- Audit independence: Evidence is cryptographically signed (HMAC-SHA256). Assessors can independently verify nothing has been tampered with.
- Least privilege: Each bot has its own Azure AD app registration with read-only permissions. You control exactly what each bot can see.
- No vendor lock-in: Apache 2.0 licensed. Fork it, modify it, run it your way.
- Air-gapped capable: Core scripts use Python standard library only. No cloud dependencies beyond the Graph API calls themselves.
For Australian organisations handling government data or operating under ISM controls, self-hosted compliance tooling is often a requirement, not a preference.
# Clone the repo
git clone https://github.com/RADobson/e8cr-squad.git
cd e8cr-squad
# Run all 4 bots with synthetic data
python3 run_all.py --demo --output ./my-assessment
# Open the unified compliance report
open ./my-assessment/e8cr-assessment.htmlThe demo generates realistic synthetic data (a fictional 148-seat organisation called Meridian Civil Group) so you can see exactly what the reports look like before connecting to a real tenant.
docker build -t e8cr-squad .
docker run --rm -v ./output:/output e8cr-squad --demo --output /output
open ./output/e8cr-assessment.htmlThere are two layers:
-
OpenClaw autonomy layer (primary)
- Reads each bot's
SKILL.md,SOUL.md,AGENTS.md,TOOLS.md,MEMORY.md - Decides what to run and when
- Interprets findings against ML2 requirements
- Tracks drift over time
- Escalates based on bot-specific rules
- Reads each bot's
-
Execution layer (embedded scripts)
- Python scripts provide API calls, data collection, and report generation
- These scripts are implementation details used by the OpenClaw bots
E8CR is OpenClaw-first and OpenClaw-required. The scripts exist to serve the agents.
OpenClaw repo: https://github.com/openclaw/openclaw OpenClaw docs: https://docs.openclaw.ai/start/getting-started
| Bot | Controls |
|---|---|
| VM+PM | Patch Applications, Patch OS |
| Identity | Multi-factor Authentication, Restrict Administrative Privileges |
| Application Control | Application Control, Configure MS Office Macros, User Application Hardening |
| Backup | Regular Backups |
All 8 Essential Eight controls at Maturity Level 2 are covered.
Use one OpenClaw instance per bot for isolation:
- separate memory/context per control domain
- independent schedules and escalation channels
- lower blast radius on failures
- least-privilege per bot in production
See complete setup: examples/openclaw-multi-instance/README.md
Write actions are disabled by default.
export E8CR_ENABLE_CHANGES=trueOnly enable after reviewing audit output and rollout plan. All bots enforce a Draft → Review → Publish workflow for reports and require human approval for any write actions. See each bot's AGENTS.md for the full human-in-the-loop controls.
E8CR is designed with security-first principles:
- Audit-only by default — no write actions unless explicitly enabled
- Least-privilege Graph API — each bot needs only read permissions
- Signed evidence packs — HMAC-SHA256 tamper-evident manifests
- No secrets in code — all credentials via environment variables
- One app registration per bot — blast radius reduction
See docs/SECURITY.md for the full threat model, hardening guide, and permission matrix.
Multiple deployment options are supported:
- Docker —
docker-compose.ymlwith all 4 bots as isolated services - Systemd — service and timer files for Linux servers
- macOS launchd — LaunchAgent plists for Mac mini deployment
- Ansible — automated deployment playbook
See docs/DEPLOYMENT.md for step-by-step instructions including Azure AD app registration.
| Document | Description |
|---|---|
| ARCHITECTURE.md | System architecture, trust boundaries, data flows |
| SECURITY.md | Threat model, hardening, permissions |
| DEPLOYMENT.md | Step-by-step deployment guide |
| CONTRIBUTING.md | How to contribute |
| CHANGELOG.md | Version history |
# Install test dependencies
pip install -r requirements-dev.txt
# Run the full test suite
pytest tests/ -v
# Run specific test files
pytest tests/test_evidence_pack.py -v
pytest tests/test_demo_pipelines.py -vThe test suite covers evidence pack signing/verification, drift detection, schema validation, individual bot demo pipelines, and the unified orchestrator.
E8CR Squad uses semantic versioning. Releases are triggered by pushing a tag:
git tag v1.2.0
git push origin v1.2.0This triggers the release workflow which:
- Runs the full test suite
- Builds and pushes a Docker image to
ghcr.io/radobson/e8cr-squad - Creates a GitHub Release with auto-generated changelog and demo report artifacts
Python 3.10+. Core scripts use standard library. Optional Greenbone support:
pip install -r requirements.txtDev dependencies (testing only):
pip install -r requirements-dev.txte8cr-squad/
├── run_all.py # Unified orchestrator
├── shared/ # Shared libraries (auth, Graph client, evidence signing, maturity scoring, report template)
├── scripts/ # Utility scripts (evidence verification)
├── tests/ # Pytest test suite
├── e8cr-vmpm/ # Vulnerability & Patch Management bot
├── e8cr-identity/ # Identity & Access Management bot
├── e8cr-appcontrol/ # Application Control & Hardening bot
├── e8cr-backup/ # Backup Monitoring bot
├── docs/ # Architecture, security, deployment guides
├── examples/ # OpenClaw multi-instance deployment example
├── deployment/ # Ansible playbook
├── Dockerfile # Container build
├── docker-compose.yml # Multi-service container deployment
├── CONTRIBUTING.md
└── LICENSE
- Not a one-click compliance certification tool
- Not a substitute for a qualified assessor
- Not a SaaS product
This is an open-source autonomous compliance operator framework.
See CONTRIBUTING.md.
Built by Richard Dobson · Powered by OpenClaw