For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
  • About NemoClaw
    • Overview
    • Architecture Overview
    • Ecosystem
    • Release Notes
  • Get Started
    • Prerequisites
    • Quickstart with OpenClaw
    • Quickstart with Hermes
  • Inference
    • Inference Options
    • Use Local Inference
    • Tool-Calling Reliability
    • Switch Inference Providers
    • Set Up Task-Specific Sub-Agents
  • Manage Sandboxes
    • Manage Sandbox Lifecycle
    • Runtime Controls
    • Set Up Messaging Channels
    • Workspace Files
    • Backup and Restore
  • Network Policy
    • Approve or Deny Network Requests
    • Customize the Network Policy
    • Integration Policy Examples
  • Deployment
    • Deploy to Remote GPU Instances
    • Brev Web UI
    • Install OpenClaw Plugins
    • Sandbox Hardening
  • Monitoring
    • Monitor Sandbox Activity
  • Security
    • Security Best Practices
    • Credential Storage
    • OpenClaw Controls
  • Reference
    • Architecture Details
    • Commands
    • CLI Selection Guide
    • Network Policies
    • Troubleshooting
  • Resources
    • Agent Skills
    • Report Vulnerabilities
    • License
    • Discord
NVIDIANVIDIA
Developer-friendly docs for your API
Privacy Policy | Your Privacy Choices | Terms of Service | Accessibility | Corporate Policies | Product Security | Contact

Copyright © 2026, NVIDIA Corporation.

LogoLogoNemoClaw
On this page
  • How the Stack Fits Together
  • NemoClaw Path versus OpenShell Path
  • What NemoClaw Adds Beyond the OpenShell Community Sandbox
  • When to Use Which
  • Related topics
About NemoClaw

Ecosystem

||View as Markdown|
Previous

NemoClaw Architecture Overview

Next

Release Notes

NemoClaw provides onboarding, lifecycle management, and OpenClaw operations within OpenShell containers.

This page describes how the ecosystem is formed across projects, where NemoClaw sits relative to OpenShell and OpenClaw, and how to choose between NemoClaw and OpenShell.

How the Stack Fits Together

There are three pieces that are put together in a NemoClaw deployment: OpenClaw, OpenShell, and NemoClaw, each with a distinct scope. The following diagram shows how they fit together.

NemoClaw sits above OpenShell in the operator workflow. It drives OpenShell APIs and CLI to create and configure the sandbox that runs OpenClaw. Models and endpoints sit behind OpenShell’s inference routing. NemoClaw onboarding wires provider choice into that routing.

The following table shows the scope of each component in the stack.

ProjectScope
OpenClawThe assistant: runtime, tools, memory, and behavior inside the container. It does not define the sandbox or the host gateway.
OpenShellThe execution environment: sandbox lifecycle, network, filesystem, and process policy, inference routing, and the operator-facing openshell CLI for those primitives.
NemoClawThe NVIDIA reference stack that implements the definition above on the host: nemoclaw CLI and plugin, versioned blueprint, channel messaging configured for OpenShell-managed delivery, and state migration helpers so OpenClaw runs inside OpenShell in a documented, repeatable way.

NemoClaw Path versus OpenShell Path

Both paths assume OpenShell can sandbox a workload. The difference is who owns the integration work.

PathWhat it means
NemoClaw pathYou adopt the reference stack. NemoClaw’s blueprint encodes a hardened image, default policies, and orchestration so nemoclaw onboard can stand up a known-good OpenClaw-on-OpenShell setup with less custom glue.
OpenShell pathYou use OpenShell as the platform and supply your own container, install steps for OpenClaw, policy YAML, provider setup, and any host bridges. OpenShell stays the sandbox and policy engine; nothing requires NemoClaw’s blueprint or CLI.

What NemoClaw Adds Beyond the OpenShell Community Sandbox

OpenShell ships a community sandbox for OpenClaw. Running openshell sandbox create --from openclaw pulls that package, builds the image, applies the bundled policy, and starts a working sandbox. This is a valid path, and it produces a running OpenClaw environment with OpenShell isolation.

NemoClaw builds on that foundation with additional security hardening, automation, and lifecycle tooling. The following table compares the two paths.

Capabilityopenshell sandbox create --from openclawnemoclaw onboard
Sandbox isolationYes. OpenShell applies seccomp filters, Landlock filesystem restrictions, privilege dropping, network namespace isolation, and no-new-privileges enforcement. The community sandbox bundles its own policy tailored for OpenClaw.Yes. NemoClaw applies these through the blueprint and layers a more restrictive policy on top (see rows below).
Credential handlingOpenShell’s provider system replaces real credentials with placeholder tokens in the sandbox environment. The L7 proxy resolves placeholders to real values at egress. You create providers manually with openshell provider create.NemoClaw creates OpenShell providers automatically during onboarding. It also filters sensitive host environment variables (provider API keys, DISCORD_BOT_TOKEN, SLACK_BOT_TOKEN, TELEGRAM_BOT_TOKEN) from the sandbox creation command to prevent accidental leakage through build args.
Image hardeningThe community image includes standard system tools for general-purpose use.NemoClaw strips build toolchains (gcc, g++, make) and network probes (netcat) from the runtime image to reduce attack surface.
Filesystem policyThe community sandbox bundles a policy for OpenClaw.NemoClaw defines a targeted read-only and read-write layout. System paths (/usr, /lib, /etc) are read-only. The agent’s home directory (/sandbox) and config directory (/sandbox/.openclaw) are writable by default so the agent can manage config, install skills, and write to standard paths natively.
Inference setupThe community sandbox includes an openclaw-start script that runs OpenClaw’s onboarding wizard inside the sandbox. You can also create providers and configure OpenShell inference routing manually from the host.NemoClaw’s onboarding wizard validates your credential from the host, lets you select a provider (NVIDIA Endpoints, OpenAI, Anthropic, Google Gemini, Ollama, and compatible endpoints), and configures OpenShell’s inference routing automatically. Credentials stay on the host and are delivered through OpenShell’s provider system.
Channel messagingOpenShell provides the credential provider system and L7 proxy that delivers channel tokens securely (including path-based resolution for Telegram’s /bot<token>/ URL pattern). You create providers and configure OpenClaw’s channel settings manually.NemoClaw automates channel setup during onboarding: it collects bot tokens, registers them as OpenShell providers, and bakes OpenClaw channel config with placeholder tokens that OpenShell’s proxy resolves at egress. No separate bridge process runs on the host.
Blueprint versioningNo blueprint. The community sandbox uses whatever image version is currently published.NemoClaw downloads the blueprint artifact, checks version compatibility, and verifies its digest before applying. Running nemoclaw onboard on different machines produces the same sandbox.
State migrationNot included.NemoClaw migrates agent state across machines with credential stripping and integrity verification.
Process count limitsOpenShell applies seccomp and privilege dropping. You set process count limits manually with --ulimit or orchestrator config.NemoClaw applies ulimit -u 512 in the container entrypoint to cap the process count and mitigate fork-bomb attacks, on top of OpenShell’s seccomp and privilege dropping.

When to Use Which

Use the following table to decide when to use NemoClaw versus OpenShell.

SituationPrefer
You want OpenClaw with minimal assembly, NVIDIA defaults, and the documented install and onboard flow.NemoClaw
You need maximum flexibility for custom images, a layout that does not match the NemoClaw blueprint, or a workload outside this reference stack.OpenShell with your own integration
You are standardizing on the NVIDIA reference for always-on assistants with policy and inference routing.NemoClaw
You are building internal platform abstractions where the NemoClaw CLI or blueprint is not the right fit.OpenShell (and your orchestration)

Related topics

  • Overview contains what NemoClaw is, capabilities, benefits, and use cases.
  • How It Works describes how NemoClaw runs, plugin, blueprint, sandbox creation, routing, protection layers.
  • Architecture shows the repository structure and technical diagrams.