AI Agent Security & Orchestration

NemoClaw

An open-source reference stack from NVIDIA for deploying OpenClaw AI agents with infrastructure-level security guardrails, privacy routing, and managed inference.

License Apache 2.0

Languages TypeScript / Python / Shell

Status Alpha Preview

GitHub NVIDIA/NemoClaw

🧩 Core Concepts Beginner Sandbox, blueprint, privacy router, policy layers, and OpenShell -- the building blocks of NemoClaw. 🏗 Architecture Intermediate Three operational levels, two core components, and why out-of-process policy enforcement is the right design. ⚙️ How It Works Intermediate Onboarding flow, inference routing, network enforcement, filesystem isolation, and state migration. 💻 Implementation Details Advanced Getting started, project structure, source code walkthrough, and key design decisions. 🎯 Use Cases Beginner-Intermediate When to use NemoClaw, when not to, and real-world deployment scenarios. 🌍 Ecosystem Intermediate NVIDIA tools, inference providers, messaging integrations, and complementary systems. ❓ Common Q&A All Levels Senior-engineer questions about security, Docker differences, privacy routing, and production readiness. ⚖️ Trade-offs Intermediate Strengths, limitations, alternatives comparison, and an honest assessment of where NemoClaw fits.

Quick Start

Get a sandboxed OpenClaw agent running with security guardrails in three commands.

Bash

# Install NemoClaw
curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash

# Run the onboarding wizard (provisions sandbox + policies)
nemoclaw onboard

# Connect to your sandboxed agent
nemoclaw my-assistant connect

Requires Linux (Ubuntu 22.04+) or macOS with Docker, Node.js 22.16+, and 8 GB+ RAM. See Implementation Details for full prerequisites.