README.md
NVIDIA NemoClaw is an open source reference stack that simplifies running OpenClaw always-on assistants safely. It installs the NVIDIA OpenShell runtime, part of NVIDIA Agent Toolkit, a secure environment for running autonomous agents, and open source models such as NVIDIA Nemotron.
Alpha software
NemoClaw is available in early preview starting March 16, 2026. Interfaces, APIs, and behavior may change without notice as we iterate on the design. The project is shared to gather feedback and enable early experimentation. We welcome issues and discussion from the community while the project evolves.
Follow these steps to get started with NemoClaw and your first sandboxed OpenClaw agent.
<!-- start-quickstart-guide -->ℹ️ Note
NemoClaw creates a fresh OpenClaw instance inside the sandbox during onboarding.
Check the prerequisites before you start to ensure you have the necessary software and hardware to run NemoClaw.
| Resource | Minimum | Recommended |
|---|---|---|
| CPU | 4 vCPU | 4+ vCPU |
| RAM | 8 GB | 16 GB |
| Disk | 20 GB free | 40 GB free |
The sandbox image is approximately 2.4 GB compressed. During image push, the Docker daemon, k3s, and the OpenShell gateway run alongside the export pipeline, which buffers decompressed layers in memory. On machines with less than 8 GB of RAM, this combined usage can trigger the OOM killer. If you cannot add memory, configuring at least 8 GB of swap can work around the issue at the cost of slower performance.
| Dependency | Version |
|---|---|
| Linux | Ubuntu 22.04 LTS or later |
| Node.js | 20 or later |
| npm | 10 or later |
| Container runtime | Supported runtime installed and running |
| OpenShell | Installed |
| Platform | Supported runtimes | Notes |
|---|---|---|
| Linux | Docker | Primary supported path today |
| macOS (Apple Silicon) | Colima, Docker Desktop | Recommended runtimes for supported macOS setups |
| macOS | Podman | Not supported yet. NemoClaw currently depends on OpenShell support for Podman on macOS. |
| Windows WSL | Docker Desktop (WSL backend) | Supported target path |
💡 Tip
For DGX Spark, follow the DGX Spark setup guide. It covers Spark-specific prerequisites, such as cgroup v2 and Docker configuration, before running the standard installer.
Download and run the installer script. The script installs Node.js if it is not already present, then runs the guided onboard wizard to create a sandbox, configure inference, and apply security policies.
curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash
If you use nvm or fnm to manage Node.js, the installer may not update your current shell's PATH.
If nemoclaw is not found after install, run source ~/.bashrc (or source ~/.zshrc for zsh) or open a new terminal.
When the install completes, a summary confirms the running environment:
──────────────────────────────────────────────────
Sandbox my-assistant (Landlock + seccomp + netns)
Model nvidia/nemotron-3-super-120b-a12b (NVIDIA Cloud API)
──────────────────────────────────────────────────
Run: nemoclaw my-assistant connect
Status: nemoclaw my-assistant status
Logs: nemoclaw my-assistant logs --follow
──────────────────────────────────────────────────
[INFO] === Installation complete ===
Connect to the sandbox, then chat with the agent through the TUI or the CLI.
Run the following command to connect to the sandbox:
nemoclaw my-assistant connect
This connects you to the sandbox shell sandbox@my-assistant:~$ where you can run openclaw commands.
In the sandbox shell, run the following command to open the OpenClaw TUI, which opens an interactive chat interface.
openclaw tui
Send a test message to the agent and verify you receive a response.
ℹ️ Note
The TUI is best for interactive back-and-forth. If you need the full text of a long response such as a large code generation output, use the CLI instead.
In the sandbox shell, run the following command to send a single message and print the response:
openclaw agent --agent main --local -m "hello" --session-id test
This prints the complete response directly in the terminal and avoids relying on the TUI view for long output.
To remove NemoClaw and all resources created during setup, in the terminal outside the sandbox, run:
curl -fsSL https://raw.githubusercontent.com/NVIDIA/NemoClaw/refs/heads/main/uninstall.sh | bash
The script removes sandboxes, the NemoClaw gateway and providers, related Docker images and containers, local state directories, and the global nemoclaw npm package. It does not remove shared system tooling such as Docker, Node.js, npm, or Ollama.
| Flag | Effect |
|---|---|
--yes | Skip the confirmation prompt. |
--keep-openshell | Leave the openshell binary installed. |
--delete-models | Also remove NemoClaw-pulled Ollama models. |
For example, to skip the confirmation prompt:
curl -fsSL https://raw.githubusercontent.com/NVIDIA/NemoClaw/refs/heads/main/uninstall.sh | bash -s -- --yes
NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
| Component | Role |
|---|---|
| Plugin | TypeScript CLI commands for launch, connect, status, and logs. |
| Blueprint | Versioned Python artifact that orchestrates sandbox creation, policy, and inference setup. |
| Sandbox | Isolated OpenShell container running OpenClaw with policy-enforced egress and filesystem. |
| Inference | NVIDIA cloud model calls, routed through the OpenShell gateway, transparent to the agent. |
The blueprint lifecycle follows four stages: resolve the artifact, verify its digest, plan the resources, and apply through the OpenShell CLI.
When something goes wrong, errors may originate from either NemoClaw or the OpenShell layer underneath. Run nemoclaw <name> status for NemoClaw-level health and openshell sandbox list to check the underlying sandbox state.
Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider.
| Provider | Model | Use Case |
|---|---|---|
| NVIDIA cloud | nvidia/nemotron-3-super-120b-a12b | Production. Requires an NVIDIA API key. |
Get an API key from build.nvidia.com. The nemoclaw onboard command prompts for this key during setup.
Local inference options such as Ollama and vLLM are still experimental. On macOS, they also depend on OpenShell host-routing support in addition to the local service itself being reachable on the host.
The sandbox starts with a strict baseline policy that controls network egress and filesystem access:
| Layer | What it protects | When it applies |
|---|---|---|
| Network | Blocks unauthorized outbound connections. | Hot-reloadable at runtime. |
| Filesystem | Prevents reads/writes outside /sandbox and /tmp. | Locked at sandbox creation. |
| Process | Blocks privilege escalation and dangerous syscalls. | Locked at sandbox creation. |
| Inference | Reroutes model API calls to controlled backends. | Hot-reloadable at runtime. |
When the agent tries to reach an unlisted host, OpenShell blocks the request and surfaces it in the TUI for operator approval.
nemoclaw)Run these on the host to set up, connect to, and manage sandboxes.
| Command | Description |
|---|---|
nemoclaw onboard | Interactive setup wizard: gateway, providers, sandbox. |
nemoclaw <name> connect | Open an interactive shell inside the sandbox. |
openshell term | Launch the OpenShell TUI for monitoring and approvals. |
nemoclaw start / stop / status | Manage auxiliary services (Telegram bridge, tunnel). |
openclaw nemoclaw)Run these inside the OpenClaw CLI. These commands are under active development and may not all be functional yet.
| Command | Description |
|---|---|
openclaw nemoclaw launch [--profile ...] | Bootstrap OpenClaw inside an OpenShell sandbox. |
openclaw nemoclaw status | Show sandbox health, blueprint state, and inference. |
openclaw nemoclaw logs [-f] | Stream blueprint execution and sandbox logs. |
See the full CLI reference for all commands, flags, and options.
Known limitations:
- The
openclaw nemoclawplugin commands are under active development. Use thenemoclawhost CLI as the primary interface.- Setup may require manual workarounds on some platforms. File an issue if you encounter blockers.
Refer to the documentation for more information on NemoClaw.
This project is licensed under the Apache License 2.0.