NemoClaw is NVIDIA's open-source security stack for OpenClaw AI agents. It combines OpenShell (a kernel-level sandbox runtime), Nemotron (local AI models for privacy), and a Privacy Router (intelligent local/cloud routing) into a single installable package. Think of it as the security layer that makes OpenClaw enterprise-ready.

OpenClaw is the open-source AI agent created by Peter Steinberger — it executes tasks, manages files, controls browsers, and more. NemoClaw is an NVIDIA-developed plugin that adds security controls to OpenClaw: sandboxed execution, network policies, privacy-preserving model routing, and audit logging. NemoClaw doesn't replace OpenClaw — it wraps it in enterprise-grade security.

Minimum: Any Linux machine with 8GB RAM and 20GB disk space (cloud model routing only). Recommended: NVIDIA GPU with 8GB+ VRAM for local Nemotron Nano inference. Full local: NVIDIA GPU with 48GB+ VRAM (or multi-GPU setup) for Nemotron Super 120B. Supported hardware: GeForce RTX 4090/5090, RTX PRO 6000, DGX Station, DGX Spark.

NemoClaw includes Nemotron 3 Super 120B MoE (flagship local model) and Nemotron 3 Nano 4B (edge model). It also supports cloud routing to OpenAI (GPT-4/5), Anthropic (Claude), Google (Gemini), and any OpenAI-compatible API. The Privacy Router automatically decides which model handles each query based on your data sensitivity policies.

The Privacy Router inspects each query and classifies its data sensitivity. Queries containing PII, proprietary code, financial data, or other sensitive categories are routed to the local Nemotron model — they never leave your infrastructure. Non-sensitive queries can be routed to cloud models for faster or more capable responses. You define the classification rules in your policy config.

NemoClaw uses default-deny outbound networking. When an agent tries to make an external connection, it's blocked by default. Operators can pre-approve specific domains (e.g., 'api.openai.com') or approve connections in real-time via the OpenShell TUI. Every network request is logged in the audit trail.

Yes. NemoClaw is fully open source under the Apache 2.0 license. The code is at github.com/NVIDIA/NemoClaw. There are no paid tiers, no proprietary components, and no usage restrictions. NVIDIA provides this as a public good for AI agent security.

NemoClaw was announced at GTC 2026 in alpha status. This means the core architecture is stable but APIs may change, documentation is still growing, and some features are being refined. We recommend testing in non-production environments first and contributing feedback via GitHub Issues.

DGX Spark comes with pre-optimized NVIDIA drivers and CUDA. Install NemoClaw with the standard one-liner: 'curl -fsSL https://nvidia.com/nemoclaw.sh | bash'. The installer auto-detects DGX Spark hardware and configures optimal settings. Run 'nemoclaw onboard' to complete setup.

Blueprints are versioned Python artifacts that orchestrate the complete agent lifecycle: sandbox creation, policy application, model selection, and inference setup. Think of them as recipes for secure agent deployments. The lifecycle is: Resolve → Verify → Plan → Apply. You can create custom blueprints or use community-provided ones.

OpenShell is NemoClaw's security runtime. It provides kernel-level process isolation (like containers, but lighter), filesystem sandboxing (agents can only access allowed paths), network policy enforcement (default-deny outbound), and operator approval workflows. Every action an agent takes inside OpenShell is logged for auditing.

Yes, with limitations. Without a GPU, you can't run Nemotron models locally — all inference will be routed to cloud providers via the Privacy Router. The OpenShell sandbox, network policies, and audit logging work fully on CPU-only machines. This is useful for testing and for deployments where cloud models are acceptable.

The official NemoClaw repository is at github.com/NVIDIA/NemoClaw. The OpenClaw project it builds on is at github.com/openclaw/openclaw with 191,000+ stars and 900+ contributors.

Yes. The documentation is available right here at /docs/, covering architecture, quickstart, network policies, inference configuration, CLI commands, and troubleshooting. The official NVIDIA docs are also at docs.nvidia.com/nemoclaw.

The NemoClaw community is active on GitHub Discussions at the NVIDIA/NemoClaw repository. The OpenClaw community has a Discord server at discord.gg/XFpfPv9Uvx. Follow @steipete (OpenClaw creator) and NVIDIA AI on X for updates.

soul.md is a Markdown file at ~/.openclaw/soul.md that defines your agent's personality, tone, and behavior rules. Think of it as the agent's character sheet. You can set formal vs casual style, topics to avoid, preferred language, response style, and custom instructions. OpenClaw loads this file at startup and applies it as a system-level prompt to every conversation.

NemoClaw is designed for security from the ground up. OpenShell provides kernel-level sandboxing, default-deny network policies, and full audit logging. All agent actions are isolated and monitored. The project is open source under Apache 2.0, so you can audit every line of code. See /docs/reference/network-policies for the full security policy reference.

NemoClaw itself is a server-side security stack, not a mobile app. However, you can interact with your NemoClaw-secured agent from any device via the Telegram bridge (see /docs/deployment/set-up-telegram-bridge). The underlying OpenClaw project has iOS and Android companion apps for remote access.

NemoClaw stores configuration in ~/.nemoclaw/. Key paths: ~/.nemoclaw/config.yaml (main configuration), ~/.nemoclaw/credentials.json (API keys). The blueprint and policies live in the nemoclaw-blueprint/ directory within the project. OpenClaw data is stored separately in ~/.openclaw/.

To uninstall NemoClaw, run 'npm uninstall -g nemoclaw'. To also remove the sandbox, run 'nemoclaw my-assistant destroy' first. To clean up all data, delete ~/.nemoclaw/. If you deployed via Docker, stop and remove the container with 'docker stop nemoclaw && docker rm nemoclaw'.

OpenClaw is the open-source AI agent that executes tasks on your machine. NemoClaw is NVIDIA's security stack that wraps OpenClaw in enterprise-grade controls: OpenShell kernel-level sandboxing, default-deny network policies, Nemotron local inference via the Privacy Router, and full audit logging. Think of OpenClaw as the engine, NemoClaw as the armor.

No. NemoClaw is not a company or a publicly traded stock. It is an open-source project (Apache 2.0) by NVIDIA Corporation (NASDAQ: NVDA). NemoClaw is free to use with no paid tiers. If you want to invest in the technology behind NemoClaw, NVIDIA is the parent company.

There is no official NemoClaw subreddit yet. The primary community channels are GitHub Discussions on the NVIDIA/NemoClaw repository and the OpenClaw Discord server (discord.gg/XFpfPv9Uvx). NemoClaw-related discussions also appear on r/LocalLLaMA, r/selfhosted, and r/NVIDIA on Reddit.