NVIDIA NemoClaw is an open source reference stack that simplifies running OpenClaw always-on assistants more safely. It installs the NVIDIA OpenShell runtime, part of NVIDIA Agent Toolkit, which provides additional security for running autonomous agents.
Alpha software
NemoClaw is available in early preview starting March 16, 2026. This software is not production-ready. Interfaces, APIs, and behavior may change without notice as we iterate on the design. The project is shared to gather feedback and enable early experimentation. We welcome issues and discussion from the community while the project evolves.
NemoClaw adds guided onboarding, a hardened blueprint, state management, messaging bridges, routed inference, and layered protection on top of the NVIDIA OpenShell runtime. For the full feature list, refer to Overview. For the system diagram, component model, and blueprint lifecycle, refer to How It Works and Architecture.
Follow these steps to install NemoClaw and run your first sandboxed OpenClaw agent.
Before getting started, check the prerequisites to ensure you have the necessary software and hardware to run NemoClaw.
| Resource | Minimum | Recommended |
|---|---|---|
| CPU | 4 vCPU | 4+ vCPU |
| RAM | 8 GB | 16 GB |
| Disk | 20 GB free | 40 GB free |
The sandbox image is approximately 2.4 GB compressed. During image push, the Docker daemon, k3s, and the OpenShell gateway run alongside the export pipeline, which buffers decompressed layers in memory. On machines with less than 8 GB of RAM, this combined usage can trigger the OOM killer. If you cannot add memory, configuring at least 8 GB of swap can work around the issue at the cost of slower performance.
| Dependency | Version |
|---|---|
| Linux | Ubuntu 22.04 LTS or later |
| Node.js | 22.16 or later |
| npm | 10 or later |
| Container runtime | Supported runtime installed and running |
| OpenShell | Installed |
| Platform | Supported runtimes | Notes |
|---|---|---|
| Linux | Docker | Primary supported path. |
| macOS (Apple Silicon) | Colima, Docker Desktop | Install Xcode Command Line Tools (xcode-select --install) and start the runtime before running the installer. |
| macOS (Intel) | Podman | Not supported yet. Depends on OpenShell support for Podman on macOS. |
| Windows WSL | Docker Desktop (WSL backend) | Supported target path. |
| DGX Spark | Docker | Refer to the DGX Spark setup guide for cgroup v2 and Docker configuration. |
Download and run the installer script. The script installs Node.js if it is not already present, then runs the guided onboard wizard to create a sandbox, configure inference, and apply security policies.
βΉοΈ Note
NemoClaw creates a fresh OpenClaw instance inside the sandbox during the onboarding process.
curl -fsSL https://www.nvidia.com/nemoclaw.sh | bashIf you use nvm or fnm to manage Node.js, the installer may not update your current shell's PATH.
If nemoclaw is not found after install, run source ~/.bashrc (or source ~/.zshrc for zsh) or open a new terminal.
When the install completes, a summary confirms the running environment:
ββββββββββββββββββββββββββββββββββββββββββββββββββ
Sandbox my-assistant (Landlock + seccomp + netns)
Model nvidia/nemotron-3-super-120b-a12b (NVIDIA Endpoints)
ββββββββββββββββββββββββββββββββββββββββββββββββββ
Run: nemoclaw my-assistant connect
Status: nemoclaw my-assistant status
Logs: nemoclaw my-assistant logs --follow
ββββββββββββββββββββββββββββββββββββββββββββββββββ
[INFO] === Installation complete ===
Connect to the sandbox, then chat with the agent through the TUI or the CLI.
nemoclaw my-assistant connectIn the sandbox shell, open the OpenClaw terminal UI and start a chat:
openclaw tuiAlternatively, send a single message and print the response:
openclaw agent --agent main --local -m "hello" --session-id testTo remove NemoClaw and all resources created during setup, run the uninstall script:
curl -fsSL https://raw.githubusercontent.com/NVIDIA/NemoClaw/refs/heads/main/uninstall.sh | bash| Flag | Effect |
|---|---|
--yes |
Skip the confirmation prompt. |
--keep-openshell |
Leave the openshell binary installed. |
--delete-models |
Also remove NemoClaw-pulled Ollama models. |
For troubleshooting installation or onboarding issues, see the Troubleshooting guide.
Refer to the following pages on the official documentation website for more information on NemoClaw.
| Type | Link | Description |
|---|---|---|
| Overview | Overview | What NemoClaw does and how it fits together. |
| How It Works | How It Works | Plugin, blueprint, sandbox lifecycle, and protection layers. |
| Architecture | Architecture | Plugin structure, blueprint lifecycle, sandbox environment, and host-side state. |
| Inference | Inference Profiles | Supported providers, validation, and routed inference configuration. |
| Network Policy | Network Policies | Baseline rules, operator approval flow, and egress control. |
| Customize Policy | Customize Network Policy | Static and dynamic policy changes, presets. |
| Sandbox Hardening | Sandbox Hardening | Container security measures, capability drops, process limits. |
| CLI Reference | CLI Commands | Full command reference. |
| Troubleshooting | Troubleshooting | Common issues and resolution steps. |
The following directories make up the NemoClaw repository.
NemoClaw/
βββ bin/ # CLI entry point and library modules (CJS)
βββ nemoclaw/ # TypeScript plugin (Commander CLI extension)
β βββ src/
β βββ blueprint/ # Runner, snapshot, SSRF validation, state
β βββ commands/ # Slash commands, migration state
β βββ onboard/ # Onboarding config
βββ nemoclaw-blueprint/ # Blueprint YAML and network policies
βββ scripts/ # Install helpers, setup, automation
βββ test/ # Integration and E2E tests
βββ docs/ # User-facing docs (Sphinx/MyST)
Join the NemoClaw community to ask questions, share feedback, and report issues.
We welcome contributions. See CONTRIBUTING.md for development setup, coding standards, and the PR process.
Report vulnerabilities privately. See SECURITY.md.
Apache 2.0. See LICENSE.