Description: Run OpenClaw more securely inside NVIDIA OpenShell with managed inference
View NVIDIA/NemoClaw on GitHub ↗
Detailed Description
NVIDIA NemoClaw is an open-source reference stack for running OpenClaw, an always-on assistant, more securely inside the NVIDIA OpenShell environment. Its primary purpose is to provide a secure, managed environment for running autonomous agents, building on the security features of OpenShell and integrating with NVIDIA's inference capabilities. The project is in alpha: it is an early preview, not yet production-ready, and its interfaces and behavior are subject to change. The project encourages community feedback and experimentation.
At its core, NemoClaw simplifies the process of deploying and managing OpenClaw agents. It achieves this by installing the NVIDIA OpenShell runtime, which provides a secure sandbox environment. This sandbox isolates the OpenClaw agent, controlling its network access, filesystem interactions, and process execution. NemoClaw also integrates with open-source models, such as NVIDIA Nemotron, to provide inference capabilities. The project utilizes a "blueprint" system, a versioned Python artifact, to orchestrate the creation of the sandbox, configure security policies, and set up inference. The `nemoclaw` command-line interface (CLI) serves as the primary tool for managing the entire stack, from launching and connecting to sandboxes to monitoring their status and accessing logs.
The main features of NemoClaw revolve around security and ease of use. It offers a secure sandbox environment that restricts network egress, filesystem access, and process behavior. This is achieved through a declarative policy defined in a YAML file, which can be customized to control the agent's interactions with the outside world. The project provides preset policy files for common integrations like PyPI, Docker Hub, and Slack, simplifying the configuration process. Furthermore, NemoClaw integrates with NVIDIA Endpoint for inference, routing model API calls through the OpenShell gateway, ensuring that inference requests are handled securely. The system also provides a TUI (Text User Interface) for monitoring and approving network requests, allowing operators to control the agent's access to external resources in real-time.
The installation process is streamlined through a single-line installer script. The script handles the installation of necessary dependencies, including Node.js, and guides the user through an onboarding wizard to create a sandbox, configure inference, and apply security policies. Once installed, users can connect to the sandbox using the `nemoclaw connect` command and interact with the OpenClaw agent through either a TUI or a CLI. The TUI provides an interactive chat interface, while the CLI allows for direct message sending and response retrieval, particularly useful for long outputs. Uninstallation is equally straightforward, with a script removing all resources created during setup.
NemoClaw's architecture comprises several key components. The plugin provides the CLI commands for managing the system. The blueprint orchestrates the sandbox creation, policy application, and inference setup. The sandbox itself is an isolated OpenShell container that runs OpenClaw with enforced policies. Finally, the inference component handles model calls, routed through the OpenShell gateway. The system's protection layers include network, filesystem, process, and inference controls, ensuring that the agent operates within defined boundaries. The network layer blocks unauthorized outbound connections, the filesystem layer prevents unauthorized access, the process layer blocks privilege escalation, and the inference layer reroutes model API calls to controlled backends.
In summary, NVIDIA NemoClaw is a valuable tool for developers and researchers looking to run OpenClaw agents securely. It provides a managed environment with robust security features, simplified deployment, and integration with NVIDIA's inference capabilities. While still in its alpha phase, NemoClaw offers a promising approach to building and deploying secure and controlled autonomous agents.