examples: add atr-import community example (compile ATR YAML into AGT policies)

[eeee2345]

Summary

Following up on #908 which added the ATR cross-reference layer under examples/atr-community-rules/, this adds the data path: an agentos atr-import CLI subcommand that compiles ATR YAML rules into Agent OS YAML policies.

The #908 example produces one bundled PolicyDocument with all rules merged. This change emits one PolicyDocument per ATR category, which slots into AGT's folder-merge policy layout where each governance.yaml maps to one threat class. It also supports scope-glob targeting and compile-time filters by category, severity, or ATR ID prefix.

Scope

• New module agent_os.cli.cmd_atr_import registered as agentos atr-import <atr_dir>.
• Reuses feat(examples): add ATR community security rules for PolicyEvaluator #908's conversion helpers (_extract_regex_patterns, _validate_regex, _atr_to_agt_rule) so the ATR-to-AGT mapping stays single-sourced.
• --watch mode uses stdlib mtime polling — no new dependency.
• --manifest <path> emits a JSON build manifest for CI pipelines.
• 9 unit tests cover per-category emit, filters, schema validity, the watch loop, and manifest output.

Verification

• pytest tests/test_cmd_atr_import.py — 9 of 9 pass.
• ruff check clean on new files.
• End-to-end against the upstream ATR catalogue: 421 input files compile into 1681 rules across 9 category files. 11 rules with PCRE-only Unicode escapes are skipped with warnings (same as feat(examples): add ATR community security rules for PolicyEvaluator #908).

Why this helps

ATR is being adopted in Cisco AI Defense's skill-scanner and the MISP galaxy. Operators currently hand-roll the compile step or pin a copy of #908's example script. This makes that step a first-class CLI surface and keeps category granularity intact.

ATR is MIT-licensed. All commits are DCO Signed-off-by.

[github-actions]

🤖 AI Agent: docs-sync-checker — Docs Sync

Docs Sync

• examples/atr-import/import_atr.py -- missing docstrings for functions _category_of(), _severity_of(), _atr_id_of(), _walk_atr(), _passes_filter(), and compile_per_category().
• README.md -- section "Usage" needs update to reflect the new agentos atr-import CLI subcommand.
• CHANGELOG.md -- missing entry for new agentos atr-import CLI feature and its behavior changes.

[github-actions]

🤖 AI Agent: breaking-change-detector — API Compatibility

API Compatibility

No breaking changes detected.

[github-actions]

🤖 AI Agent: security-scanner — View details

No security issues found.

[github-actions]

🤖 AI Agent: test-generator — `examples/atr-import/import_atr.py`

examples/atr-import/import_atr.py

• test_compile_per_category_invalid_regex -- Validate behavior when ATR rules contain invalid regex patterns.
• test_compile_per_category_empty_directory -- Ensure function handles empty ATR directories gracefully.
• test_compile_per_category_maturity_filter -- Test filtering of rules based on maturity levels like "draft" or "test".
• test_compile_per_category_output_structure -- Verify the structure of generated PolicyDocument YAML files.
• test_watch_mode_file_change_detection -- Test --watch mode for detecting and responding to file changes.

examples/atr-import/test_import_atr.py

• test_import_pr908_module_not_found -- Ensure proper error handling when sync_atr_rules.py is missing.
• test_import_pr908_module_env_override -- Validate behavior when AGT_ATR_SYNC_PATH environment variable is set incorrectly.

[github-actions]

🤖 AI Agent: code-reviewer — Action Items:

TL;DR: 0 blockers, 2 warnings. The PR introduces a well-structured CLI tool for converting ATR YAML rules into AGT policies, but there are minor areas for improvement.

#	Sev	Issue	Where
1	Warn	Lack of robust error handling for file I/O and YAML parsing.	_walk_atr function in import_atr.py
2	Warn	No tests for --watch mode functionality.	test_cmd_atr_import.py

Action Items:

1. Add robust error handling for file I/O and YAML parsing in _walk_atr.
2. Include unit tests for --watch mode functionality in test_cmd_atr_import.py.

| Warnings | Follow-up PRs are fine. |

[github-actions]

🔴 Contributor Check: HIGH

Check	Result
Profile	HIGH
Credential	HIGH
Overall	HIGH

Automated check by AGT Contributor Check.

[github-actions]

PR Review Summary

Check	Status	Details
🔍 Code Review	⚠️ Warning	See details
🛡️ Security Scan	✅ Passed	No issues found
🔄 Breaking Changes	✅ Passed	No issues found
📝 Docs Sync	✅ Passed	No issues found
🧪 Test Coverage	✅ Completed	Analysis complete

Verdict: ⚠️ Ready for human review

[eeee2345]

For the Contributor Check HIGH flag — context that may help reviewers:

This PR is a direct follow-up on #908 (merged 2026-04-13), which added the ATR cross-reference layer under examples/atr-community-rules/. The data path being added now (compiled per-category PolicyDocuments slotted into AGT's folder-merge layout) is what #908's example produces in bundled form. Same conversion helpers (_extract_regex_patterns, _validate_regex, _atr_to_agt_rule), same regex test fixtures, same AGT folder-merge layout assumptions.

I'm the maintainer of Agent Threat Rules (https://github.com/Agent-Threat-Rule/agent-threat-rules, MIT licensed, v2.2.1, 419 rules across 10 categories). External production references:

• Cisco AI Defense skill-scanner — PRs fix: resolve 44 code scanning alerts #79 and feat: Bootstrap integrity verification + governance certification CLI #99 (merged)
• MISP galaxy and taxonomies — merged 2026-05-10, distributed to EU national CERTs
• OWASP Agent Security Reference Hub — PR [Feature] Add policy-as-code CI/CD pipeline and schema validation #74 merged 2026-05-11
• Gen Digital Sage (Norton / Avast parent) — PR Submit conference talks on AI agent governance #33 merged
• Five Eyes joint guidance on AI system security referenced ATR on 2026-05-01

Reachable at adam@agentthreatrule.org.

Re: the AI-agent bot feedback:

1. docs-sync-checker (README + CHANGELOG) — will push a follow-up commit on this PR today adding the agentos atr-import CLI section to README and a CHANGELOG entry.

2. code-reviewer warnings — will add input validation for atr_dir and out_dir in the same follow-up, plus the missing --watch mode tests so test coverage doesn't degrade.

3. breaking-change-detector / security-scanner / test-generator — already addressed or non-blocking per the bot summary.

Will ping here once the follow-up commit is in.

[eeee2345]

Follow-up commit pushed (14c41c4):

• README.md: agentos atr-import example block added to CLI Tool section
• CHANGELOG.md: Unreleased "Added" entry
• cmd_atr_import.py: boundary path validation in cmd_atr_import() — fails fast with exit code 1 on nonexistent atr_dir, non-directory atr_dir, or unwritable out_dir parent
• test_cmd_atr_import.py: 3 new CLI-entry tests (TestCmdAtrImportValidation). Total tests 9 → 12, all green locally.

This addresses the docs-sync-checker and code-reviewer warnings. The contributor-check HIGH flag should re-evaluate once the bot picks up the commit.

[imran-siddique]

TL;DR: 2 blockers, not mergeable yet.

Sev	Issue	Location
⛔	HIGH-risk contributor flag - needs maintainer sign-off on design	repo-wide
⛔	No existing review coverage - 805 new lines adding a first-class CLI surface needs architecture validation	cmd_atr_import.py
⚠️	Watch mode uses mtime polling (acceptable for now, follow-up for fsnotify)	cmd_atr_import.py

Action: Holding for maintainer architecture review. The ATR-to-AGT mapping reuse from #908 is good, but promoting an example script to a CLI subcommand is a design decision that needs explicit sign-off.

[imran-siddique]

TL;DR: 1 blocker. Not mergeable in current form.

#	Sev	Issue	Where
1	Block	Core CLI should not take a dependency on external non-stdlib projects like ATR	\cmd_atr_import.py\

#1: We avoid adding core dependencies on external libraries/specs beyond Python stdlib. The right path is: create a standalone repo (e.g. \�tr-agent-governance-examples) with a solid example showing the ATR-to-AGT compile flow, and own it as a community integration. We will support it via \�xamples/\ and community docs. This keeps AGT's core surface stable and lets the ATR integration evolve independently.

Suggested next steps: extract this into a new repo with good examples, and we can link it from our community/ecosystem docs.

[imran-siddique]

Agreeing with the prior review: this should not be a first-party CLI subcommand in agent-os core. ATR is an external project, and adding it to the core CLI creates a maintenance dependency we should avoid.

Recommendation: move to a standalone community example or plugin under \�xamples/atr-import/. The implementation quality is solid, just needs to live outside core.

[imran-siddique]

Hey @eeee2345 — just checking in. Are you still working on addressing the review feedback? Happy to help if you have questions.

[eeee2345]

Hi @imran-siddique — sincere apology for the lag. I missed your 5/17 review yesterday (looked at the comments thread but didn't catch the formal CHANGES_REQUESTED on the reviews tab) and ended up only addressing the AI-agent bot warnings rather than the architectural concern. That's on me.

I agree with the architecture decision: this should not be a first-party CLI surface in agent-os core, and the ATR dependency should live in examples/ (or as a separate community repo).

Plan for the next push (today, within a few hours):

1. Remove the CLI subcommand registration from agent_os/cli/__init__.py (lines 17, 621-623, 652-657).
2. Move cmd_atr_import.py → examples/atr-import/import_atr.py as a standalone runnable script. Keeps the existing argparse so operators can run python examples/atr-import/import_atr.py <atr_dir> --out <out_dir> directly. No import path from agent_os.cli.
3. Move tests to examples/atr-import/test_import_atr.py (or remove if examples/ is not expected to ship tests — let me know preference).
4. Add examples/atr-import/README.md with the usage block currently in the agent-os root README.
5. Revert the README CLI section and the CHANGELOG entry — since this is no longer a core feature.
6. Keep using feat(examples): add ATR community security rules for PolicyEvaluator #908's conversion helpers via the existing AGT_ATR_SYNC_PATH env hook in the example, so the ATR-to-AGT mapping stays single-sourced.

If you prefer the standalone repo path (atr-agent-governance-examples) over examples/atr-import/, say so and I'll move the work there instead and close this PR.

Will push the restructure + ping here when ready.

[eeee2345]

@imran-siddique — restructure pushed (e1dd7e0). Took the examples/atr-import/ path within this repo since the implementation is small and keeps the link to examples/atr-community-rules/ from #908 obvious.

Summary of the diff (158 insertions / 73 deletions across 6 files):

• agent-governance-python/agent-os/src/agent_os/cli/cmd_atr_import.py → examples/atr-import/import_atr.py (standalone script, own argparse, __main__ block).
• agent-governance-python/agent-os/tests/test_cmd_atr_import.py → examples/atr-import/test_import_atr.py (importlib-loads the example file; the PolicyDocument schema check does an optional import so it works with or without agent_os installed).
• Reverted agent_os/cli/__init__.py to main (no atr-import subcommand registration on lines 17, 621-623, 652-657).
• Reverted the agent-os README CLI Tool block and the agent-os CHANGELOG Added entry.
• Added examples/atr-import/README.md.

No core surface change, no new core dependency. ATR-to-AGT rule mapping still single-sourced in examples/atr-community-rules/sync_atr_rules.py via importlib + the existing AGT_ATR_SYNC_PATH env hook.

12 of 12 tests pass locally:

pytest examples/atr-import/test_import_atr.py

The bot warnings from the previous pass (docs-sync, code-reviewer, contributor-check) should reset since the file is no longer a core CLI surface. Happy to re-title this PR to examples: add atr-import community example if that helps the review framing — let me know.

[eeee2345]

@imran-siddique — restructure pushed in e1dd7e0. Moved everything out of the core CLI into examples/atr-import/ alongside examples/atr-community-rules/ from #908. The core CLI no longer takes any ATR dependency.

Ready for re-review when convenient.

[imran-siddique]

TL;DR: 0 blockers, approve.

Clean restructure into examples/atr-import/ as discussed. No core surface changes, standalone script with own argparse. Nice README.