NemoClaw — NVIDIA Security Stack for AI Agents

NemoClaw

Secure AI Agents. Powered by NVIDIA.

shield OpenShell Sandbox

route Privacy Router

memory Nemotron Inference

security Network Policies

terminal One-Click Deploy

One command to deploy a secure AI agent stack. OpenShell sandbox + Nemotron local inference + Privacy Router — enterprise-grade security for OpenClaw agents.

terminal Get Started apps Use Cases

Install NemoClaw in One Command

ALPHA
# One-liner install for NemoClaw secure stack (Ubuntu 22.04+ recommended)
$ curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash

Auto-installs Node.js, OpenShell runtime, and the NemoClaw CLI. Runs nemoclaw onboard after install.

NemoClaw Core Capabilities

shield

OpenShell Secure Sandbox

Kernel-level isolation for AI agent execution. Policy-driven sandboxes with configurable filesystem, network, and process controls.

route

Privacy Router

Intelligent routing between local Nemotron models and cloud providers. Sensitive data stays on-device, only safe queries go to the cloud.

memory

Nemotron Local Inference

Run Nemotron 3 Super 120B MoE model locally. Zero token cost, zero data leakage, full offline capability on NVIDIA GPUs.

security

Network Policy Engine

Default-deny outbound networking. Every external connection requires operator approval. Full audit trail of all network activity.

devices

Multi-Platform Deployment

Run on GeForce RTX, RTX PRO, DGX Station, or DGX Spark. From developer workstation to enterprise datacenter.

terminal

One-Click Install

Single command deploys the complete security stack: OpenShell, Nemotron, Privacy Router, and the NemoClaw CLI.

See It In Action

See NemoClaw in Action

Watch the GTC 2026 announcement, architecture demos, and deployment walkthroughs.

menu_book View official documentation arrow_forward

NemoClaw Latest Updates

View all posts arrow_forward
From OpenClaw to NemoClaw: The Security Story
Mar 24, 2026 · 12 min read

From OpenClaw to NemoClaw: The Security Story

How OpenClaw's explosive growth to 300,000+ GitHub stars exposed critical enterprise security gaps, leading to NVIDIA's collaboration and the birth of NemoClaw. Peter Steinberger tells the story.

story openclaw
NemoClaw Ecosystem: Partners Building the Future
Mar 23, 2026 · 11 min read

NemoClaw Ecosystem: Partners Building the Future

Adobe, Salesforce, SAP, Dell, Cisco, and LangChain are building on NemoClaw. A look at the growing ecosystem of integrations, partner commitments, and the roadmap for the open agent security platform.

ecosystem partners
Enterprise Use Cases for NemoClaw
Mar 22, 2026 · 12 min read

Enterprise Use Cases for NemoClaw

How enterprises are deploying NemoClaw for customer support automation, sales operations, security operations, and infrastructure management. Real-world scenarios with security policy examples.

use-cases enterprise

Trusted by 500+ Engineers Using NemoClaw

View all arrow_forward
@secops_maria avatar

"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."

@secops_maria
@devops_mike avatar

"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."

@devops_mike
@ai_sarah avatar

"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."

@ai_sarah
@ciso_tom avatar

"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."

@ciso_tom
@mleng_jenny avatar

"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."

@mleng_jenny
@platform_raj avatar

"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."

@platform_raj
@secops_maria avatar

"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."

@secops_maria
@devops_mike avatar

"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."

@devops_mike
@ai_sarah avatar

"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."

@ai_sarah
@ciso_tom avatar

"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."

@ciso_tom
@mleng_jenny avatar

"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."

@mleng_jenny
@platform_raj avatar

"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."

@platform_raj
@infra_alex avatar

"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."

@infra_alex
@devsec_lisa avatar

"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."

@devsec_lisa
@security_emma avatar

"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."

@security_emma
@cloud_chris avatar

"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."

@cloud_chris
@startup_nina avatar

"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."

@startup_nina
@backend_kai avatar

"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."

@backend_kai
@infra_alex avatar

"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."

@infra_alex
@devsec_lisa avatar

"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."

@devsec_lisa
@security_emma avatar

"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."

@security_emma
@cloud_chris avatar

"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."

@cloud_chris
@startup_nina avatar

"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."

@startup_nina
@backend_kai avatar

"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."

@backend_kai

NemoClaw FAQ

Common questions about NemoClaw and how it works.

View all questions arrow_forward

Start Securing AI Agents with NemoClaw

Get updates on NemoClaw releases, security advisories, and ecosystem news. No spam, unsubscribe anytime.