feat: implement malware quarantine vault in SystemAgent (#416)

[Viidhii19]

Summary

This PR implements the Filesystem Quarantine Vault within the SystemAgent's process termination flow to securely isolate malware executables after mitigation, preventing reinfection while preserving the binaries for forensic analysis.

Closes #416

---

Type of change

• Bug fix
• New feature / enhancement
• Documentation update
• Tests / CI
• Performance improvement
• Refactor (no functional change)

---

Changes made

• daemon/pilot/agents/executor.py (_exec_process_kill):
  • Integrated psutil.Process(pid).exe() to securely trace and map the targeted PID to its binary executable path prior to process termination.
  • Added a psutil.Process.wait(timeout=3.0) blocking phase to ensure the operating system releases active file handles, eliminating file-lock race conditions specifically present on Windows systems.
  • Implemented the quarantine logic using shutil.move() to transfer the executable to ~/.heliox/quarantine/ renamed with a timestamp hash to prevent collisions.
  • Enforced defanging using os.chmod(..., 0o600) to strip execution capabilities from the file.
  • Configured robust try/except handling for NoSuchProcess and AccessDenied constraints.
  • Injected audit logging into the return string to verify the quarantine actions across the agent loops.

---

How to test

1. Spawn the daemon in development mode and simulate a malicious process (e.g., a simple python script running in a loop).
2. Trigger the SystemAgent via Heliox OS to kill the process by providing its PID.
3. Validate that the process correctly terminates and closes cleanly.
4. Navigate to ~/.heliox/quarantine/ and confirm that the executable file has been relocated here, renamed with a timestamp, and can no longer be executed.
5. Check the system log/results output to verify the [Quarantine Vault] success audit entry was properly appended.

---

Checklist

• I have read the CONTRIBUTING.md
• My code follows the existing code style
• I have added/updated tests where applicable
• All existing tests pass (pytest for backend, npm run test for frontend)
• I have updated documentation if needed
• I have tested on at least one platform (Windows / macOS / Linux)

---

Screenshots / recordings (if UI change)

N/A - Backend SystemAgent operation.

---

GSSoC declaration

• This contribution is made under the GSSoC 2026 program
• I have not plagiarised code from other repositories

[Viidhii19]

Hye @VyomKulshrestha !
Please check if any changes are there.
Thank you.