NemoClaw
AI エージェントを、安全に。NVIDIA の技術で。
コマンド一つでセキュアな AI エージェントスタックを構築。OpenShell サンドボックス + Nemotron ローカル推論 + Privacy Router——OpenClaw にエンタープライズレベルの安全を。
クイックスタート
curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash Auto-installs Node.js, OpenShell runtime, and the NemoClaw CLI. Runs nemoclaw onboard after install.
主な機能
OpenShell セキュアサンドボックス
カーネルレベルで AI エージェントの実行を隔離。ファイルシステム・ネットワーク・プロセスの 3 軸でポリシーベースの細かい制御が可能です。
Privacy Router
ローカルの Nemotron とクラウドモデルを自動で振り分け。機密データはデバイスから出さず、安全なリクエストだけクラウドに送ります。
Nemotron ローカル推論
Nemotron 3 Super 120B MoE をローカルで実行。トークンコストゼロ、データ漏洩ゼロ。NVIDIA GPU で完全オフライン。
ネットワークポリシーエンジン
アウトバウンド通信はデフォルトで全拒否。外部接続にはオペレーターの承認が必要。すべてのネットワーク活動を監査ログに記録。
マルチプラットフォーム対応
GeForce RTX、RTX PRO、DGX Station、DGX Spark で動作。開発用ワークステーションからエンタープライズデータセンターまで。
ワンコマンドインストール
コマンド一つで OpenShell、Nemotron、Privacy Router、NemoClaw CLI をまとめてデプロイ。
最新情報
OpenClawからNemoClawへ:セキュリティの物語
OpenClawの300,000以上のGitHub Starへの爆発的成長がエンタープライズセキュリティの重大なギャップを露わにし、NVIDIAとのコラボレーションとNemoClawの誕生につながった経緯。Peter Steinbergerが語る。
NemoClawエコシステム:未来を構築するパートナーたち
Adobe、Salesforce、SAP、Dell、Cisco、LangChainがNemoClaw上に構築。成長するインテグレーションエコシステム、パートナーのコミットメント、オープンエージェントセキュリティプラットフォームのロードマップ。
NemoClawのエンタープライズユースケース
エンタープライズがカスタマーサポート自動化、セールスオペレーション、セキュリティオペレーション、インフラストラクチャ管理にNemoClawをどのようにデプロイしているか。セキュリティポリシー例を含む実世界のシナリオ。
みんなの声
"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."
@secops_maria"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."
@devops_mike"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."
@ai_sarah"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."
@ciso_tom"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."
@mleng_jenny"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."
@platform_raj"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."
@secops_maria"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."
@devops_mike"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."
@ai_sarah"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."
@ciso_tom"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."
@mleng_jenny"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."
@platform_raj"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."
@infra_alex"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."
@devsec_lisa"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."
@security_emma"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."
@cloud_chris"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."
@startup_nina"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."
@backend_kai"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."
@infra_alex"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."
@devsec_lisa"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."
@security_emma"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."
@cloud_chris"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."
@startup_nina"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."
@backend_kai