NemoClaw
AI 代理,安全至上。NVIDIA 出品。
一行指令,部署完整的 AI 代理安全堆疊。OpenShell 核心沙盒 + Nemotron 本地推論 + Privacy Router——為 OpenClaw 代理提供企業級安全。
快速開始
curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash Auto-installs Node.js, OpenShell runtime, and the NemoClaw CLI. Runs nemoclaw onboard after install.
核心能力
OpenShell 安全沙盒
核心層級的 AI 代理隔離。策略驅動的沙盒環境,檔案系統、網路、程序三個維度精細管控。
Privacy Router
本地 Nemotron 和雲端模型之間智慧切換。敏感資料不出裝置,安全的請求才走雲端。
Nemotron 本地推論
在本機執行 Nemotron 3 Super 120B MoE。零 Token 開銷、零資料外洩,NVIDIA GPU 上完全離線。
網路策略引擎
對外流量預設全部拒絕。每個外部連線都需要管理員核准,所有網路行為完整記錄在稽核日誌裡。
跨平台部署
GeForce RTX、RTX PRO、DGX Station、DGX Spark 都能跑。從開發工作站到企業資料中心,全面涵蓋。
一鍵安裝
一行指令把 OpenShell、Nemotron、Privacy Router、NemoClaw CLI 全部就位。
最新動態
從 OpenClaw 到 NemoClaw:安全演進之路
OpenClaw 爆發式成長至 300,000+ GitHub 星標的過程中暴露了關鍵的企業安全缺口,最終促成了與 NVIDIA 的合作以及 NemoClaw 的誕生。Peter Steinberger 親述這段歷程。
NemoClaw 生態系統:合作夥伴共建未來
Adobe、Salesforce、SAP、Dell、Cisco 和 LangChain 正在基於 NemoClaw 進行建構。一覽不斷成長的整合生態、合作夥伴承諾以及開放代理安全平台的路線圖。
NemoClaw 的企業應用場景
企業如何部署 NemoClaw 實現客戶支援自動化、銷售營運、安全營運和基礎設施管理。包含安全策略範例的真實場景。
大家怎麼說
"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."
@secops_maria"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."
@devops_mike"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."
@ai_sarah"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."
@ciso_tom"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."
@mleng_jenny"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."
@platform_raj"Default-deny networking was the killer feature for us. Every outbound request our agents make is logged and requires approval. Exactly what our compliance team needed."
@secops_maria"Ran 'nemoclaw onboard' and had a fully sandboxed agent environment in under 5 minutes. OpenShell isolation gives us confidence to deploy AI agents in production."
@devops_mike"The Privacy Router is genius. Customer PII never leaves our infrastructure — only safe, anonymized queries hit the cloud models. Zero code changes from our existing agents."
@ai_sarah"Showed the OpenShell audit logs to our SOC 2 auditor. First time they've seen AI agent activity tracked at this level of detail. Passed with flying colors."
@ciso_tom"Running Nemotron locally means zero token cost for internal queries. We cut our cloud AI spend by 70% while actually improving data privacy. Win-win."
@mleng_jenny"Deployed NemoClaw on DGX Spark and it just works. Auto-detected the hardware, configured optimal model settings. One command to production-ready AI security."
@platform_raj"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."
@infra_alex"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."
@devsec_lisa"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."
@security_emma"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."
@cloud_chris"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."
@startup_nina"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."
@backend_kai"OpenShell's sandbox isolation caught a rogue agent trying to access /etc/passwd. In production. Without NemoClaw, that would have been a security incident."
@infra_alex"Blueprints make repeatable secure deployments trivial. Define once, deploy everywhere. Every new agent gets the same security posture automatically."
@devsec_lisa"The network policy engine is exactly what we needed. Our agents can only reach pre-approved APIs. Everything else is blocked by default. Simple and effective."
@security_emma"Migrated 30 OpenClaw agents to NemoClaw. Zero code changes — just wrapped them in OpenShell sandboxes. Now we have full audit trails for every agent action."
@cloud_chris"As a startup handling healthcare data, NemoClaw's Privacy Router was non-negotiable. Patient data stays on our GPUs, period. HIPAA compliance out of the box."
@startup_nina"The OpenShell TUI is addictive. Watching agent actions in real-time, seeing network requests get approved or blocked — it's like Wireshark for AI agents."
@backend_kai