Reference

CLI Commands Reference

View as Markdown

The nemoclaw CLI is the primary interface for managing NemoClaw sandboxes. It is installed automatically by the installer (curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash). For guidance on when to use nemoclaw versus the underlying openshell CLI, see CLI Selection Guide.

/nemoclaw Slash Command

The /nemoclaw slash command is available inside the OpenClaw chat interface for quick actions:

SubcommandDescription
/nemoclawShow slash-command help and host CLI pointers
/nemoclaw statusShow sandbox and inference state
/nemoclaw onboardShow onboarding status and reconfiguration guidance
/nemoclaw ejectShow rollback instructions for returning to the host installation

Standalone Host Commands

The nemoclaw binary handles host-side operations that run outside the OpenClaw plugin context.

nemoclaw help, nemoclaw --help, nemoclaw -h

Show the top-level usage summary and command groups. Running nemoclaw with no arguments shows the same help output.

1$ nemoclaw help

nemoclaw --version, nemoclaw -v

Print the installed NemoClaw CLI version.

1$ nemoclaw --version

nemoclaw onboard

Run the interactive setup wizard (recommended for new installs). The wizard creates an OpenShell gateway, registers inference providers, builds the sandbox image, and creates the sandbox. Use this command for new installs and for recreating a sandbox after changes to policy or configuration.

1$ nemoclaw onboard [--non-interactive] [--resume | --fresh] [--recreate-sandbox] [--gpu | --no-gpu] [--from <Dockerfile>] [--name <sandbox>] [--sandbox-gpu | --no-sandbox-gpu] [--sandbox-gpu-device <device>] [--agent <name>] [--control-ui-port <N>] [--yes | -y] [--yes-i-accept-third-party-software]

For NemoClaw-managed environments, use nemoclaw onboard when you need to create or recreate the OpenShell gateway or sandbox. Avoid openshell self-update, npm update -g openshell, openshell gateway start --recreate, or openshell sandbox create directly unless you intend to manage OpenShell separately and then rerun nemoclaw onboard.

The installer detects existing sandbox sessions before onboarding and prints a warning if any are found. To make the installer abort instead of continuing, set NEMOCLAW_SINGLE_SESSION=1:

1$ NEMOCLAW_SINGLE_SESSION=1 curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash

When existing sandboxes were created with OpenShell earlier than 0.0.37, the installer prompts before running the new automatic gateway upgrade path. For scripted installs, set NEMOCLAW_ACCEPT_EXPERIMENTAL_OPENSHELL_UPGRADE=1 to allow the installer to back up registered sandbox state, retire the old gateway, install the current supported OpenShell release, and restore state during onboarding. The automatic path is disabled if the existing nemoclaw CLI does not advertise backup-all; preserve sandbox state manually before retiring the old gateway in that case. To perform those steps manually, run nemoclaw backup-all, retire the old gateway with openshell gateway destroy -g nemoclaw || openshell gateway destroy, then rerun the installer as curl -fsSL https://www.nvidia.com/nemoclaw.sh | NEMOCLAW_OPENSHELL_UPGRADE_PREPARED=1 bash.

The wizard prompts for a provider first, then collects the provider credential if needed. Supported non-experimental choices include NVIDIA Endpoints, OpenAI, Anthropic, Google Gemini, and compatible OpenAI or Anthropic endpoints. Credentials are registered with the OpenShell gateway and never persisted to host disk. See Credential Storage for details on inspection, rotation, and migration from earlier releases. The legacy nemoclaw setup command is deprecated; use nemoclaw onboard instead.

After provider selection, the wizard prompts for a policy tier that controls the default set of network policy presets applied to the sandbox. Three tiers are available:

TierDescription
RestrictedBase sandbox only. No third-party network access beyond inference and core agent tooling.
Balanced (default)Full dev tooling and web search when the active agent supports web search. Package installs, model downloads, and inference. No messaging platform access.
OpenBroad access across third-party services including messaging and productivity. Agent-specific unsupported presets are filtered out.

After selecting a tier, the wizard shows a combined preset and access-mode screen where you can include or exclude individual presets and toggle each between read and read-write access. For details on tiers and the presets each includes, see Network Policies.

In non-interactive mode, set the tier with NEMOCLAW_POLICY_TIER (default: balanced):

1$ NEMOCLAW_POLICY_TIER=restricted nemoclaw onboard --non-interactive --yes-i-accept-third-party-software

NEMOCLAW_POLICY_MODE controls how non-interactive onboarding reconciles the tier-derived suggestions against the sandbox’s currently-applied presets. The default is suggested, which is additive. Onboarding applies tier defaults and preserves any presets you previously added with nemoclaw <name> policy-add across re-onboards. Use custom with NEMOCLAW_POLICY_PRESETS when you want the explicit list to be authoritative. Onboarding removes any preset that is not in the list. skip leaves the applied set untouched and does not apply tier defaults. NemoClaw filters tier suggestions and resume selections by active agent support, so unsupported presets such as Brave Search are not reapplied to agents that do not support them.

ValueBehaviour
suggested (default)Apply tier defaults and preserve any extra presets already applied. Aliases: default, auto.
customApply exactly NEMOCLAW_POLICY_PRESETS. Previously-applied presets not in the list are removed. Alias: list.
skipSkip the policy step entirely. Aliases: none, no.

If you enable Brave Search during onboarding, NemoClaw currently stores the Brave API key in the sandbox’s OpenClaw configuration. That means the OpenClaw agent can read the key. NemoClaw explores an OpenShell-hosted credential path first, but the current OpenClaw Brave runtime does not consume that path end to end yet. Treat Brave Search as an explicit opt-in and use a dedicated low-privilege Brave key.

For non-interactive onboarding, you must explicitly accept the third-party software notice:

1$ nemoclaw onboard --non-interactive --yes-i-accept-third-party-software

or:

1$ NEMOCLAW_ACCEPT_THIRD_PARTY_SOFTWARE=1 nemoclaw onboard --non-interactive

For scripted installer runs, pass explicit acceptance to the bash side of the installer pipe:

1$ curl -fsSL https://www.nvidia.com/nemoclaw.sh | NEMOCLAW_NON_INTERACTIVE=1 NEMOCLAW_ACCEPT_THIRD_PARTY_SOFTWARE=1 bash

If the installer cannot prompt for the notice in a terminal and no explicit acceptance is set, it exits before installing Node.js or the NemoClaw CLI.

To enable Brave Search in non-interactive mode, set:

1$ BRAVE_API_KEY=... \
2  nemoclaw onboard --non-interactive

BRAVE_API_KEY enables Brave Search in non-interactive mode and also enables web_fetch. If Brave Search key validation fails in non-interactive mode, onboarding prints a warning, skips web search setup, and continues with the rest of the sandbox setup. After fixing the key, re-enable web search with nemoclaw config web-search.

The wizard prompts for a sandbox name. Names must be 1 to 63 characters, lowercase, start with a letter, contain only letters, numbers, and internal hyphens, and end with a letter or number. Uppercase letters are automatically lowercased. Names that match global CLI commands (status, list, debug, etc.) are rejected to avoid routing conflicts. Use --agent <name> to target a specific installed agent profile during onboarding.

Use --control-ui-port <N> to choose the host dashboard port for a sandbox. The value must be an integer from 1024 through 65535. This flag takes precedence over CHAT_UI_URL, NEMOCLAW_DASHBOARD_PORT, the previous registry value, and the default port.

If you enable Slack during onboarding, the wizard collects both the Bot Token (SLACK_BOT_TOKEN) and the App-Level Token (SLACK_APP_TOKEN). Socket Mode requires both tokens. The app-level token is stored in a dedicated slack-app OpenShell provider and forwarded to the sandbox alongside the bot token.

If you enable Discord during onboarding, the wizard can also prompt for a Discord Server ID, whether the bot should reply only to @mentions or to all messages in that server, and an optional Discord User ID. NemoClaw bakes those values into the sandbox image as Discord guild workspace config so the bot can respond in the selected server, not just in DMs. If you leave the Discord User ID blank, the guild config omits the user allowlist and any member of the configured server can message the bot. Guild responses remain mention-gated by default unless you opt into all-message replies.

If you enable Telegram during onboarding, the wizard can also prompt for whether group chats should reply only to @mentions or to all group messages. Set TELEGRAM_REQUIRE_MENTION=1 for non-interactive onboarding when you want mention-only group replies. Pairing and TELEGRAM_ALLOWED_IDS still govern direct messages.

If you run onboarding again with the same sandbox name and choose a different inference provider or model, NemoClaw detects the drift and recreates the sandbox so the running OpenClaw UI matches your selection. In interactive mode, the wizard asks for confirmation before delete and recreate. In non-interactive mode, NemoClaw recreates automatically when the stored selection is readable and differs; if NemoClaw cannot read the stored selection, NemoClaw reuses by default. Set NEMOCLAW_RECREATE_SANDBOX=1 to force recreation even when no drift is detected.

Before creating the gateway, the wizard runs preflight checks. It verifies that Docker is reachable, warns on untested runtimes such as Podman, and prints host remediation guidance when prerequisites are missing. The preflight also enforces the OpenShell version range declared in the blueprint (min_openshell_version and max_openshell_version). If the installed OpenShell version falls outside this range, onboarding exits with an actionable error and a link to compatible releases. For fresh OpenShell installs, NemoClaw queries published OpenShell releases and asks the installer to use a release that fits the blueprint range. If release metadata is unavailable, the installer uses its bundled fallback pin and the post-install version gate still enforces the range.

When NemoClaw finds an existing gateway to reuse, it probes the host gateway HTTP endpoint before declaring the gateway reusable. If the container is running but the upstream is still warming up (for example, immediately after a Docker daemon restart), NemoClaw rebuilds the gateway instead of trusting stale metadata. For Linux Docker-driver gateways, onboarding also checks that a helper container on the OpenShell Docker network can reach host.openshell.internal:<gateway-port>. If a host firewall blocks that sandbox path, onboarding exits with a sudo ufw allow from <subnet> to any port <gateway-port> proto tcp command before it reports the gateway healthy. Tune the wait via NEMOCLAW_REUSE_HEALTH_POLL_COUNT (default 6) and NEMOCLAW_REUSE_HEALTH_POLL_INTERVAL (default 5 seconds). The poll count is clamped to a minimum of 1 so the probe always runs at least once, and the interval is clamped to a minimum of 0 (no sleep between attempts).

--from <Dockerfile>

Build the sandbox image from a custom Dockerfile instead of the stock NemoClaw image. The entire parent directory of the specified file is used as the Docker build context, so any files your Dockerfile references (scripts, config, etc.) must live alongside it. Onboarding skips common large directories (node_modules, .git, .venv, and __pycache__) while staging this context. It also skips credential-style files and directories such as .env*, .ssh/, .aws/, .netrc, .npmrc, secrets/, *.pem, and *.key. Other build outputs such as dist/, target/, or build/ are still included. If the staged context is larger than 100 MB, onboarding prints a warning before the Docker build starts. If the directory contains unreadable files (for example, Windows system files visible in WSL), onboarding exits with an error suggesting you move the Dockerfile to a dedicated directory.

1$ nemoclaw onboard --from path/to/Dockerfile

The Dockerfile path must exist. Missing paths fail during command parsing before preflight, gateway setup, inference setup, or sandbox creation starts.

The file can have any name; if it is not already named Dockerfile, onboard copies it to Dockerfile inside the staged build context automatically. To create an isolated build context, create a dedicated directory that contains only the Dockerfile and the files it needs:

build-dir/
├── Dockerfile
└── files-used-by-COPY/

All NemoClaw build arguments (NEMOCLAW_MODEL, NEMOCLAW_PROVIDER_KEY, NEMOCLAW_INFERENCE_BASE_URL, etc.) are injected as ARG overrides at build time, so declare them in your Dockerfile if you need to reference them.

In non-interactive mode, the path can also be supplied via the NEMOCLAW_FROM_DOCKERFILE environment variable. You must also supply a sandbox name via --name <sandbox> or NEMOCLAW_SANDBOX_NAME so a --from build cannot silently clobber the default my-assistant sandbox.

1$ NEMOCLAW_NON_INTERACTIVE=1 NEMOCLAW_FROM_DOCKERFILE=path/to/Dockerfile NEMOCLAW_SANDBOX_NAME=my-build nemoclaw onboard

If a --resume is attempted with a different --from path than the original session, onboarding exits with a conflict error rather than silently building from the wrong image.

--name <sandbox>

Set the sandbox name without going through the interactive prompt. The same name format and reserved-name rules that the wizard enforces apply here too. Names must be 1 to 63 characters, lowercase, start with a letter, contain only letters, numbers, and internal hyphens, and end with a letter or number. Names that match a NemoClaw CLI command (status, list, debug, etc.) are rejected up front.

1$ nemoclaw onboard --non-interactive --name my-build --from path/to/Dockerfile

The flag wins over NEMOCLAW_SANDBOX_NAME. When prompting is possible, NEMOCLAW_SANDBOX_NAME fills the interactive default so you can press Enter to accept it. When prompting is impossible (no TTY or --non-interactive), the env var is also honoured so existing CI scripts keep working. Combining --from <Dockerfile> with non-interactive onboarding requires one of --name or NEMOCLAW_SANDBOX_NAME; otherwise onboarding exits rather than silently defaulting to my-assistant and clobbering the default sandbox.

nemoclaw onboard --from

Use a custom Dockerfile for the sandbox image. This variant of nemoclaw onboard accepts a --from <Dockerfile> argument to build the sandbox from a user-supplied Dockerfile instead of the default NemoClaw image.

1$ nemoclaw onboard --from ./Dockerfile.custom

GPU passthrough

When nemoclaw onboard detects an NVIDIA GPU on the host (nvidia-smi succeeds), it enables OpenShell GPU passthrough at both the gateway and sandbox level by default. Use --no-gpu to opt out when you want host-side inference providers only and do not need direct GPU access inside the sandbox. Use --gpu to require GPU passthrough and fail fast if an NVIDIA GPU is not detected. Use --sandbox-gpu or --no-sandbox-gpu to control only direct NVIDIA GPU access inside the sandbox. Use --sandbox-gpu --sandbox-gpu-device <device> to pass a specific OpenShell GPU device selector to openshell sandbox create; device selectors require explicit sandbox GPU enablement. On Linux Docker-driver gateways, NemoClaw can create the sandbox first and then recreate the OpenShell-managed Docker container with NVIDIA GPU access when that compatibility path is needed. If the patch fails, onboarding keeps diagnostics and prints a manual cleanup command rather than deleting the failed sandbox automatically.

Prerequisites:

  • NVIDIA GPU drivers installed and working (nvidia-smi must succeed).
  • NVIDIA Container Toolkit configured for Docker.

When GPU passthrough is enabled and a gateway already exists without it, onboarding first checks whether replacing the CPU-only gateway is safe. If no other registered sandbox depends on that gateway, or if --recreate-sandbox is recreating the only registered sandbox with the same name, onboarding cleans up the stale gateway and continues. If other sandboxes depend on the gateway or Docker state is unclear, onboarding exits without cleanup and prints targeted destroy or gateway-removal guidance. To add GPU to an existing sandbox, rerun with --recreate-sandbox. Set NEMOCLAW_DOCKER_GPU_PATCH=0 only when you need to bypass the Linux Docker-driver compatibility patch during troubleshooting.

nemoclaw list

List all registered sandboxes with their model, provider, and policy presets. Pass --json for machine-readable output that includes a schemaVersion, the default sandbox, recovery metadata, and the sandbox inventory. Sandboxes with an active SSH session are marked with a indicator so you can tell at a glance which sandbox you are already connected to in another terminal. When a sandbox has a recorded dashboard port, the output includes its local dashboard URL.

1$ nemoclaw list [--json]
2$ nemoclaw list --json

nemoclaw deploy

The nemoclaw deploy command is deprecated. Prefer provisioning the remote host separately, then running the standard NemoClaw installer and nemoclaw onboard on that host.

Deploy NemoClaw to a remote GPU instance through Brev. This command remains as a compatibility wrapper for the older Brev-specific bootstrap flow. The Brev instance name is the positional argument. The sandbox name comes from NEMOCLAW_SANDBOX_NAME and defaults to my-assistant; invalid sandbox names fail before Brev provisioning starts.

1$ nemoclaw deploy <instance-name>

nemoclaw <name> connect

Connect to a sandbox by name. If the sandbox is not yet in the Ready phase, connect polls openshell sandbox list every few seconds and prints the current phase. This gives you progress output right after onboarding, when the 2.4 GB image is still pulling, instead of a silent hang. Control the wait budget with NEMOCLAW_CONNECT_TIMEOUT (integer seconds, default 120). When the deadline expires, connect exits non-zero with the last-seen phase.

On a TTY, a one-shot hint prints before dropping into the sandbox shell. The hint is agent-aware. It names the correct TUI command for the sandbox’s agent and reminds you to use /exit to leave the chat before exit returns you to the host shell. Set NEMOCLAW_NO_CONNECT_HINT=1 to suppress the hint in scripted workflows. If the sandbox is running an outdated agent version, a non-blocking warning prints before connecting with a nemoclaw <name> rebuild hint. If another terminal is already connected to the sandbox, connect prints a note with the number of existing sessions before proceeding. Multiple concurrent sessions are allowed.

After a host reboot, the OpenShell gateway rotates its SSH host keys. connect detects the resulting identity drift, prunes stale openshell-* entries from ~/.ssh/known_hosts, and retries automatically. You no longer need to re-run nemoclaw onboard after a reboot in this case.

1$ nemoclaw my-assistant connect [--probe-only]

The --probe-only flag verifies the sandbox is reachable over SSH and exits without opening a shell. Use it for health checks and scripted readiness probes.

nemoclaw <name> recover

Restart the in-sandbox gateway and re-establish the host-side dashboard port-forward without opening an SSH session. Use this after a sandbox pod restart, a sandbox crash, or whenever nemoclaw <name> status reports the gateway is not running but the sandbox is alive.

recover runs the same recovery the connect command performs as a side effect, but without dropping into a shell, so it is safe to call from scripts and automation. It is idempotent. If the gateway is already running, the command exits zero with a probe message and makes no changes.

1$ nemoclaw my-assistant recover

nemoclaw <name> status

Show sandbox status, health, and inference configuration.

The command probes every inference provider and reports one of three states on the Inference line:

StateMeaning
healthyThe provider endpoint returned a reachable response.
unreachableThe probe failed. The output includes the endpoint URL and a remediation hint.
not probedThe endpoint URL is not known (for example, compatible-* providers).
not verifiedNemoClaw could not verify the sandbox or gateway state, so it skips inference probing.

Local providers (Ollama, vLLM) probe the host-side health endpoint. Remote providers (NVIDIA Endpoints, OpenAI, Anthropic, Gemini) use a lightweight reachability check; any HTTP response, including 401 or 403, counts as reachable. No API keys are sent.

For Local Ollama, the command also probes the authenticated proxy and prints an Inference (auth proxy) line when a proxy token is available. Use that line to distinguish a healthy backend from a broken proxy path that the sandbox uses for inference.

For cloud-only providers, the output omits the NIM status line unless a NIM container is registered or an unexpected NIM container is running.

If the sandbox or gateway cannot be verified, the command exits non-zero instead of reporting healthy inference from stale registry state. Gateway and dashboard health checks treat HTTP 401 from device auth as a live service, not as an offline gateway.

A Connected line reports whether the sandbox has any active SSH sessions and, if so, how many. The sandbox list in the status output includes the dashboard port suffix for sandboxes with a recorded dashboard port.

The Policy section displays the live enforced policy (fetched via openshell policy get --full), which reflects presets added or removed after sandbox creation. When OpenShell reports an active policy version, the displayed YAML version line uses that active version instead of the static schema version. If the sandbox is running an outdated agent version, the output includes an Update line with the available version and a nemoclaw <name> rebuild hint.

When other sandboxes have the same messaging channel enabled (Telegram, Discord, or Slack) with the same bot token, the output includes a cross-sandbox overlap warning so you can resolve the conflict before messages start dropping. The command also tails /tmp/gateway.log inside the default sandbox and flags Telegram 409 Conflict errors that indicate a duplicate consumer for the bot token.

1$ nemoclaw my-assistant status

Checking the OpenClaw version

NemoClaw pins the OpenClaw version inside the sandbox at build time, not at runtime. The minimum version comes from min_openclaw_version in nemoclaw-blueprint/blueprint.yaml, and the sandbox image upgrades OpenClaw to that version during docker build if the cached base image is older. Existing sandboxes do not auto-upgrade when a newer NemoClaw release ships a newer pin — you upgrade by rebuilding the sandbox.

nemoclaw <name> status prints the running OpenClaw version on the Agent line:

1$ nemoclaw my-assistant status
2...
3    Agent:    OpenClaw v2026.4.24
4...

If the sandbox is running an OpenClaw older than the version this NemoClaw release pins, status and connect add an Update line pointing at nemoclaw <name> rebuild to pick up the newer version. The rebuild reuses the existing sandbox name and persisted credentials, so messaging tokens and provider keys carry over.

nemoclaw <name> doctor

Run a focused health check for one sandbox and the host services it depends on. The command checks the local CLI build, Docker daemon, OpenShell CLI, NemoClaw gateway container, gateway port mapping, live sandbox state, inference route, provider reachability, messaging channel conflicts, Ollama reachability, and the cloudflared tunnel state.

Warnings do not make the command fail. Failed checks exit non-zero so scripts can use doctor as a readiness gate. Use --json for machine-readable output.

1$ nemoclaw my-assistant doctor [--json]

nemoclaw <name> logs

View sandbox logs. Use --follow to stream output in real time. Use --tail <lines> or -n <lines> to limit the number of returned lines. Use --since <duration> to show recent logs only, such as 5m, 1h, or 30s. The command reads both OpenClaw gateway output and OpenShell audit events, so policy denials appear alongside the gateway log stream. If one log source is unavailable, NemoClaw prints a warning and keeps reading the remaining source.

1$ nemoclaw my-assistant logs [--follow] [--tail <lines>|-n <lines>] [--since <duration>]

nemoclaw <name> gateway-token

Print the OpenClaw gateway auth token for a running sandbox to stdout. The token is required by openclaw tui and the OpenClaw dashboard URL, but onboarding only prints it once. Pipe it into automation or capture it into an environment variable:

1$ TOKEN=$(nemoclaw my-assistant gateway-token --quiet)
2$ export OPENCLAW_GATEWAY_TOKEN="$TOKEN"

The token is written to stdout with no surrounding text. A one-line security warning is written to stderr; pass --quiet (or -q) to suppress it. The command exits non-zero with a diagnostic on stderr when the sandbox is not registered or when the token cannot be retrieved (for example, if the sandbox is not running).

Treat the gateway token like a password. Do not log it, share it, or commit it to version control.

nemoclaw <name> destroy

Stop the NIM container, remove the host-side Docker image built during onboard, and delete the sandbox. This removes the sandbox from the registry. For Ollama-backed sandboxes, destroy also asks Ollama to unload currently loaded models and clears stale auth proxy state on a best-effort basis.

This command permanently deletes the sandbox and its persistent volume. All workspace files (SOUL.md, USER.md, IDENTITY.md, AGENTS.md, MEMORY.md, and daily memory notes) are lost. Back up your workspace first with nemoclaw <name> snapshot create or see Backup and Restore. If you want to upgrade the sandbox while preserving state, use nemoclaw <name> rebuild instead.

If another terminal has an active SSH session to the sandbox, destroy prints an active-session warning and requires a second confirmation before it proceeds. Pass --yes, -y, or --force to skip the prompt in scripted workflows. By default, destroy preserves the shared NemoClaw gateway. Pass --cleanup-gateway to remove the shared gateway when destroying the last sandbox, or --no-cleanup-gateway to force preservation when environment defaults request cleanup.

1$ nemoclaw my-assistant destroy [--yes|-y|--force] [--cleanup-gateway|--no-cleanup-gateway]

nemoclaw <name> policy-add

Add a policy preset to a sandbox. Presets extend the baseline network policy with additional endpoints. Before applying, the command shows which endpoints the preset would open and prompts for confirmation.

1$ nemoclaw my-assistant policy-add

To apply a specific preset without the interactive picker, pass its name as a positional argument:

1$ nemoclaw my-assistant policy-add pypi --yes

The positional form is required in scripted workflows. Set NEMOCLAW_NON_INTERACTIVE=1 instead of --yes if you want the same behavior from an environment variable. If the preset name is unknown or already applied, the command exits non-zero with a clear error.

FlagDescription
--from-file <path>Apply a custom preset YAML file instead of a built-in preset
--from-dir <path>Apply every custom preset YAML file in a directory in lexicographic order
--yes, --forceSkip the confirmation prompt (requires a preset name, --from-file, or --from-dir)
--dry-runPreview the endpoints a preset would open without applying changes

Use --dry-run to audit a preset before applying it:

1$ nemoclaw my-assistant policy-add --dry-run

Apply a custom preset file when you need to grant access to an endpoint that is not covered by a built-in preset:

1$ nemoclaw my-assistant policy-add --from-file ./presets/my-internal-api.yaml

For batch workflows, apply all preset files from a directory:

1$ nemoclaw my-assistant policy-add --from-dir ./presets/ --yes

Review every host in custom preset files before applying them. Custom presets bypass the built-in preset review process and can widen sandbox egress.

nemoclaw <name> policy-list

List available policy presets and show which ones are applied to the sandbox. The command cross-references the local registry against the live gateway state (via openshell policy get), so it flags presets that are applied in one place but not the other. This catches desync caused by external edits to the gateway policy or stale registry entries after a manual rollback.

1$ nemoclaw my-assistant policy-list

nemoclaw <name> policy-remove

Remove a previously applied policy preset from a sandbox. The command lists only the presets currently applied, prompts you to select one, shows the endpoints that would be removed, and asks for confirmation before narrowing egress.

1$ nemoclaw my-assistant policy-remove

To remove a specific preset non-interactively, pass its name as a positional argument:

1$ nemoclaw my-assistant policy-remove pypi --yes

Set NEMOCLAW_NON_INTERACTIVE=1 as an alternative to --yes. If the preset is unknown or not currently applied, the command exits non-zero with a clear error.

FlagDescription
--yes, --forceSkip the confirmation prompt (requires a preset name)
--dry-runPreview which endpoints would be removed without applying changes

Unchecking a preset in the onboard TUI checkbox also removes it from the sandbox.

nemoclaw <name> hosts-add

Add a host alias to the sandbox pod template. Use this when a sandbox needs a stable LAN-only name, such as a local SearXNG or internal model endpoint, without dropping to docker exec and kubectl patch.

1$ nemoclaw my-assistant hosts-add searxng.local 192.168.1.105

The command validates the hostname and IP address, rejects duplicate hostnames, and patches spec.podTemplate.spec.hostAliases on the sandbox resource.

FlagDescription
--dry-runPrint the JSON patch for the resulting hostAliases list without applying it

nemoclaw <name> hosts-list

List host aliases configured on the sandbox resource.

1$ nemoclaw my-assistant hosts-list

nemoclaw <name> hosts-remove

Remove a hostname from the sandbox hostAliases list.

1$ nemoclaw my-assistant hosts-remove searxng.local
FlagDescription
--dry-runPrint the JSON patch for the resulting hostAliases list without applying it

nemoclaw <name> channels list

List the messaging channels NemoClaw knows about (telegram, discord, slack, wechat, whatsapp) with a short description. The command is a static reference; it does not consult credentials or the running sandbox.

1$ nemoclaw my-assistant channels list

nemoclaw <name> channels add <channel>

Register a messaging channel with the sandbox and rebuild so the image picks up the new channel. Channels fall into three login modes:

  • Token paste (telegram, discord, slack): the command prompts for any missing token and registers it with the OpenShell gateway.
  • Host-side QR (wechat): the command runs an interactive host-side QR scan to capture a static session token, then registers it with the gateway.
  • In-sandbox QR (whatsapp): the command records the channel without a host-side token or OpenShell credential provider. NemoClaw advertises WhatsApp for OpenClaw and Hermes sandboxes; after rebuild, run openclaw channels login --channel whatsapp for OpenClaw or hermes whatsapp for Hermes. This intentionally leaves QR-created mutable session state in the sandbox until you unpair it or clear the durable agent state.

After registering the channel, NemoClaw asks whether to rebuild immediately. Running add for an already-configured channel simply overwrites the stored credentials where applicable — the operation is idempotent. Channel names are trimmed and lowercased before NemoClaw stores credentials, names bridge providers, or prints rebuild messages. If a matching built-in network policy preset exists, NemoClaw applies it to the sandbox before the rebuild so the bridge has egress to its upstream API; if applying the preset fails, NemoClaw warns and tells you to re-apply manually with nemoclaw <sandbox> policy-add <channel>.

1$ nemoclaw my-assistant channels add telegram
FlagDescription
--dry-runValidate the channel and token inputs without saving credentials or rebuilding

Slack requires both SLACK_BOT_TOKEN (bot user OAuth) and SLACK_APP_TOKEN (app-level Socket Mode token); the command prompts for each in turn. When NEMOCLAW_NON_INTERACTIVE=1 is set, any missing token fails fast and no rebuild prompt is shown — instead, the change is queued and you are told to run nemoclaw <name> rebuild manually.

nemoclaw <name> channels remove <channel>

Clear the stored credentials for a messaging channel and rebuild the sandbox so the image drops the channel. Running remove for a channel that was never configured is a no-op against the credentials file and still triggers the rebuild prompt. When the bridge provider is attached to a live sandbox, NemoClaw detaches it before deleting the provider from the OpenShell gateway. If the matching built-in policy preset is applied, such as telegram, discord, slack, wechat, or whatsapp, NemoClaw also removes that preset so the upstream API is no longer allow-listed after the channel is gone.

1$ nemoclaw my-assistant channels remove telegram
FlagDescription
--dry-runReport the channel that would be removed without clearing credentials or rebuilding

As with channels add, NEMOCLAW_NON_INTERACTIVE=1 skips the rebuild prompt and queues the change for a manual nemoclaw <name> rebuild.

Host-side removal is the supported path because agent channel config is baked into the container image at build time (/sandbox/.openclaw/openclaw.json for OpenClaw and /sandbox/.hermes/.env for Hermes); agent-specific channel removals inside the sandbox would modify the running config but not persist changes across rebuilds.

nemoclaw <name> channels stop <channel>

Pause a single messaging bridge (telegram, discord, slack, wechat, or whatsapp) without clearing its credentials. The channel is marked disabled in the per-sandbox registry, and the sandbox is rebuilt so the onboard step skips registering the bridge with the gateway. The provider stays registered with the OpenShell gateway, so a later channels start brings the bridge back without re-entering tokens.

1$ nemoclaw my-assistant channels stop telegram
FlagDescription
--dry-runReport the channel that would be disabled without updating the registry or rebuilding

Use channels stop instead of channels remove when you want to pause a bridge temporarily. channels remove is destructive to credentials; channels stop is not.

nemoclaw <name> channels start <channel>

Re-enable a channel previously paused with channels stop. The channel is removed from the disabled list, the sandbox is rebuilt, and the bridge registers with the gateway again using the stored credentials.

1$ nemoclaw my-assistant channels start telegram
FlagDescription
--dry-runReport the channel that would be re-enabled without updating the registry or rebuilding

nemoclaw <name> skill install <path>

Deploy a skill directory to a running sandbox. The command validates the SKILL.md frontmatter (a name field is required), uploads all non-dot files preserving subdirectory structure, and performs agent-specific post-install steps.

1$ nemoclaw my-assistant skill install ./my-skill/

The skill directory must contain a SKILL.md file with YAML frontmatter that includes a name field. Skill names must contain only alphanumeric characters, dots, hyphens, and underscores. OpenClaw plugins are a different kind of extension. To install an OpenClaw plugin, see Install OpenClaw Plugins. Run nemoclaw <name> skill install --help to print usage for this subcommand. If you pass a plugin-shaped directory to skill install, the CLI prints a plugin-specific hint instead of treating it as a missing skill file.

Files with names starting with . (dotfiles) are skipped and listed in the output. Files with unsafe path characters are rejected to prevent shell injection.

If the skill already exists on the sandbox, the command updates it in place and preserves chat history. For new installs, the agent session index is refreshed so the agent discovers the skill on the next session.

nemoclaw <name> rebuild

Upgrade a sandbox to the current agent version while preserving workspace state. The command backs up workspace state, destroys the old sandbox (including its host-side Docker image), recreates it with the current image via onboard --resume, and restores workspace state into the new sandbox. Credentials are stripped from backups before storage. Policy presets applied to the old sandbox are reapplied to the new one so your egress rules survive the rebuild.

1$ nemoclaw my-assistant rebuild [--yes|-y|--force] [--verbose|-v]
FlagDescription
--yes, -y, --forceSkip the confirmation prompt
--verbose, -vLog SSH commands, exit codes, and session state (also enabled by NEMOCLAW_REBUILD_VERBOSE=1)

If another terminal has an active SSH session to the sandbox, rebuild prints an active-session warning and requires confirmation before destroying the sandbox. Pass --yes, -y, or --force to skip the prompt in scripted workflows.

The sandbox must be running for the backup step to succeed. If an archive command reports partial output while still producing usable data, rebuild keeps the captured backup entries and reports only the manifest-defined paths that could not be archived. If any required state path still cannot be backed up, rebuild exits before destroying the original sandbox. After restore, the command runs openclaw doctor --fix for cross-version structure repair.

nemoclaw update

Check for a NemoClaw CLI update and, when requested, run the maintained installer flow. This command is a discoverable CLI wrapper around the supported installer path:

1$ curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash
1$ nemoclaw update [--check] [--yes|-y]
FlagDescription
--checkShow the current version, latest maintained version, install type, and maintained update command without changing anything
--yes, -ySkip the confirmation prompt and run the maintained installer flow

nemoclaw update updates the host-side NemoClaw installation. It does not replace nemoclaw upgrade-sandboxes; use that command to inspect or rebuild existing sandboxes after the CLI has been updated. When the command is running from a source checkout, it reports that state and does not replace the checkout with a global package install.

nemoclaw upgrade-sandboxes

Rebuild sandboxes whose base image is older than the one currently pinned by NemoClaw. NemoClaw resolves the digest of ghcr.io/nvidia/nemoclaw/sandbox-base:latest from the registry, then compares it against the digest each sandbox was created with. Sandboxes that match the current digest are left alone.

1$ nemoclaw upgrade-sandboxes [--check] [--auto] [--yes|-y]
FlagDescription
--checkList stale sandboxes without rebuilding any of them. Exits non-zero if any are stale.
--autoRebuild every stale sandbox without prompting. Used by the installer to upgrade in place.
--yes, -ySkip the confirmation prompt for the rebuild plan.

Each rebuild reuses the same workspace backup-and-restore flow as nemoclaw <name> rebuild, so workspace files survive the upgrade. If the registry is unreachable (offline or firewalled hosts), NemoClaw falls back to the unpinned :latest tag and reports that the digest could not be resolved instead of failing.

nemoclaw backup-all

Back up all registered running sandboxes to ~/.nemoclaw/rebuild-backups/. Sandboxes that are not running are skipped.

1$ nemoclaw backup-all

The installer calls backup-all automatically before onboarding to protect against data loss during OpenShell upgrades.

nemoclaw <name> snapshot create

Create a timestamped snapshot of sandbox state. Snapshots are stored in ~/.nemoclaw/rebuild-backups/<name>/.

1$ nemoclaw my-assistant snapshot create
FlagDescription
--name <label>Attach a human-readable label to the snapshot so you can restore by name later

Names must be 1 to 63 characters from [A-Za-z0-9._-], start with an alphanumeric character, and cannot look like a version selector (v1, v2, …). Duplicate names per sandbox are rejected; pick a different name or delete the existing snapshot first.

1$ nemoclaw my-assistant snapshot create --name before-upgrade

nemoclaw <name> snapshot list

List available snapshots for a sandbox as a table of version, name, timestamp, and path. Versions (v1, v2, …) are computed on read from timestamp-ascending order, so v1 is the oldest snapshot and vN is the newest. Snapshots created before this feature landed are numbered retroactively.

1$ nemoclaw my-assistant snapshot list

nemoclaw <name> snapshot restore [selector] [--to <dst>]

Restore sandbox state from a snapshot. The sandbox must be running before you restore. If no selector is provided, the latest snapshot is used. Restore performs a clean replacement of each state directory, removing files that were added after the snapshot was taken.

The selector accepts any of:

  • A version (v1, v2, …, vN) from snapshot list.
  • An exact name passed to snapshot create --name.
  • An exact or prefix timestamp (partial prefixes are accepted when they match exactly one snapshot).

Pass --to <dst> to restore the snapshot into a different sandbox instead of the source. When dst does not exist, it is auto-created by reusing the source sandbox’s container image — no re-onboarding needed.

1# restore latest snapshot in-place
2$ nemoclaw my-assistant snapshot restore
3
4# restore by version
5$ nemoclaw my-assistant snapshot restore v3
6
7# restore by user-assigned name
8$ nemoclaw my-assistant snapshot restore before-upgrade
9
10# restore by exact timestamp
11$ nemoclaw my-assistant snapshot restore 2026-04-21T07-35-55-987Z
12
13# clone v3 into another sandbox
14$ nemoclaw my-assistant snapshot restore v3 --to my-assistant-clone

nemoclaw <name> share mount

Mount the sandbox filesystem on the host machine via SSHFS for bidirectional file sharing. Files edited on the host appear instantly inside the sandbox, and vice versa.

1$ nemoclaw my-assistant share mount
2✓ Mounted /sandbox → ~/.nemoclaw/mounts/my-assistant
ArgumentDefaultDescription
sandbox-path/sandboxRemote path inside the sandbox to mount
local-mount-point~/.nemoclaw/mounts/<name>Local directory to mount onto (auto-created)

Prerequisites:

  • sshfs must be installed on the host (sudo apt-get install sshfs on Linux, brew install macfuse && brew install sshfs on macOS).
  • The sandbox must be running.
  • The remote sandbox path must exist. NemoClaw verifies it before invoking sshfs and prints a connect, then ls <path> check when the probe fails.
  • Sandboxes created before the openssh-sftp-server base image update must be rebuilt with nemoclaw <name> rebuild.
  • The local mount path must be on a writable filesystem; FUSE creates the mount on the host side. If the default ~/.nemoclaw/mounts/<name> lives on a read-only filesystem, pass an explicit writable path as the second positional argument.
1# mount a specific path to a custom local directory
2$ nemoclaw my-assistant share mount /sandbox/workspace ~/my-workspace

nemoclaw <name> share unmount

Unmount a previously mounted sandbox filesystem.

1$ nemoclaw my-assistant share unmount
ArgumentDefaultDescription
local-mount-point~/.nemoclaw/mounts/<name>Local directory to unmount

nemoclaw <name> share status

Check whether the sandbox filesystem is currently mounted.

1$ nemoclaw my-assistant share status
2● Mounted at ~/.nemoclaw/mounts/my-assistant
ArgumentDefaultDescription
local-mount-point~/.nemoclaw/mounts/<name>Local directory to check

openshell term

Open the OpenShell TUI to monitor sandbox activity and approve network egress requests. Run this on the host where the sandbox is running.

1$ openshell term

For a remote Brev instance, SSH to the instance and run openshell term there, or use a port-forward to the gateway.

nemoclaw tunnel start

Start optional host auxiliary services. This is the cloudflared tunnel when cloudflared is installed (for a public URL to the dashboard). Channel messaging (Telegram, Discord, Slack) is not started here; it is configured during nemoclaw onboard and runs through OpenShell-managed constructs.

1$ nemoclaw tunnel start

nemoclaw start remains as a deprecated alias that prints a warning and delegates to tunnel start.

nemoclaw tunnel stop

Stop host auxiliary services that nemoclaw tunnel start started (for example cloudflared). NemoClaw also tries to stop the OpenClaw gateway inside the selected or default sandbox, which stops in-sandbox messaging channel polling for that sandbox. Use nemoclaw <name> channels stop <channel> when you only want to pause one bridge without stopping the gateway.

1$ nemoclaw tunnel stop

nemoclaw stop remains as a deprecated alias that prints a warning and delegates to tunnel stop.

nemoclaw start

Deprecated. Use nemoclaw tunnel start instead.

This command remains as a compatibility alias to nemoclaw tunnel start.

nemoclaw stop

Deprecated. Use nemoclaw tunnel stop instead.

This command remains as a compatibility alias to nemoclaw tunnel stop.

nemoclaw status

Show the sandbox list and the status of host auxiliary services (for example cloudflared). Pass --json for machine-readable output with registered sandboxes, service state, inference routes, and messaging health. For each listed sandbox, the text output includes the configured inference provider and model plus whether an active SSH session is connected.

1$ nemoclaw status
2$ nemoclaw status --json

When at least one sandbox is registered and the named NemoClaw gateway is unreachable, unhealthy, or attached to a different sandbox, the command prints a gateway: down [state] (reason) line between the sandbox list and the host-service list. The command suggests openshell gateway start --name nemoclaw or nemoclaw onboard --resume to recover. It exits with code 1 so shell scripts and CI can detect the degraded state from $?. For --json, the structured output includes gatewayHealth, and the exit code is set after the report is generated. A clean machine with no registered sandboxes keeps the legacy 0 exit because no gateway is expected to be configured yet. If cloudflared is installed but not running, the host-service section reports whether the PID file is missing, invalid, or points at a dead process, then suggests nemoclaw tunnel start as the recovery command.

nemoclaw inference get

Show the active live inference provider and model from the NemoClaw-managed OpenShell gateway. Use this command when you want the direct runtime route without the rest of the sandbox status output.

1$ nemoclaw inference get
2$ nemoclaw inference get --json

nemoclaw inference set

Switch the active inference provider or model for a NemoClaw-managed OpenClaw or Hermes sandbox. The command updates the OpenShell gateway route, patches the selected running agent config so it matches the route, recomputes the config hash, and updates the NemoClaw registry. For Hermes, the patch updates /sandbox/.hermes/config.yaml (model.default, model.base_url, and model.provider: custom) and does not rebuild or restart the gateway.

By default, the command syncs the default registered sandbox. Under the nemohermes alias, it uses the registered Hermes sandbox when exactly one exists; otherwise pass --sandbox <name> to target one explicitly.

1$ nemoclaw inference set --provider <provider> --model <model> [--sandbox <name>] [--no-verify]

Supported provider names are nvidia-prod, nvidia-nim, nvidia-router, openai-api, anthropic-prod, compatible-anthropic-endpoint, gemini-api, compatible-endpoint, hermes-provider, ollama-local, and vllm-local. Use --no-verify only when OpenShell cannot verify the provider at switch time but you have already confirmed the provider and credential.

nemoclaw setup

The nemoclaw setup command is deprecated. Use nemoclaw onboard instead.

This command remains as a compatibility alias to nemoclaw onboard and accepts the same flags: --non-interactive, --resume, --fresh, --recreate-sandbox, --gpu / --no-gpu, --from, --name, --sandbox-gpu / --no-sandbox-gpu, --sandbox-gpu-device, --agent, --control-ui-port, --yes / -y, --yes-i-accept-third-party-software.

1$ nemoclaw setup

nemoclaw setup-spark

The nemoclaw setup-spark command is deprecated. Use the standard installer and run nemoclaw onboard instead, because current OpenShell releases handle the older DGX Spark cgroup behavior.

This command remains as a compatibility alias to nemoclaw onboard and accepts the same flags: --non-interactive, --resume, --fresh, --recreate-sandbox, --gpu / --no-gpu, --from, --name, --sandbox-gpu / --no-sandbox-gpu, --sandbox-gpu-device, --agent, --control-ui-port, --yes / -y, --yes-i-accept-third-party-software.

1$ nemoclaw setup-spark

nemoclaw debug

Collect diagnostics for bug reports. Gathers system info, Docker state, gateway logs, and sandbox status into a summary or tarball. Use --sandbox <name> to target a specific sandbox, --quick for a smaller snapshot, or --output <path> to save a tarball that you can attach to an issue.

1$ nemoclaw debug [--quick|-q] [--sandbox NAME] [--output PATH|-o PATH]
FlagDescription
--quick, -qCollect minimal diagnostics only
--sandbox NAMETarget a specific sandbox (default: auto-detect)
--output PATH, -o PATHWrite diagnostics tarball to the given path

If --output is set and the tarball cannot be written (for example, the destination directory is missing or read-only), the command exits non-zero so scripts can detect the failure.

nemoclaw credentials list

List the provider credentials registered with the OpenShell gateway. Values are not printed.

1$ nemoclaw credentials list

nemoclaw credentials reset <PROVIDER>

Remove a provider credential from the OpenShell gateway by provider name. After removal, re-running nemoclaw onboard re-prompts for that provider’s credential. Run nemoclaw credentials list first if you are not sure of the provider name.

1$ nemoclaw credentials reset nvidia-prod
FlagDescription
--yes, -ySkip the confirmation prompt

nemoclaw gc

Remove orphaned sandbox Docker images from the host. Each nemoclaw onboard builds an openshell/sandbox-from:<timestamp> image (~765 MB). The destroy and rebuild commands clean up the image automatically, but images from older NemoClaw versions or interrupted operations may remain. This command lists all openshell/sandbox-from:* images, cross-references the sandbox registry, and removes any that are no longer associated with a registered sandbox.

1$ nemoclaw gc [--dry-run] [--yes|-y|--force]
FlagDescription
--dry-runList orphaned images without removing them
--yes, -y, --forceSkip the confirmation prompt

nemoclaw uninstall

Run uninstall.sh to remove NemoClaw sandboxes, gateway resources, related images and containers, and local state. The CLI runs the local uninstall.sh shipped with the installed npm package. If that local script is missing, the CLI does not auto-fetch a remote copy. It prints the versioned URL of the matching uninstall.sh so you can download, review, and run it manually.

Uninstall also stops any orphaned openshell host processes left behind by previous onboard or destroy cycles, including openshell sandbox create, openshell ssh-proxy, and SSH sessions spawned by OpenShell. Earlier releases only stopped openshell forward processes, so those orphans accumulated across runs.

For Local Ollama setups, uninstall also stops matching Ollama auth proxy processes before deleting ~/.nemoclaw state so stale proxy listeners do not block a later reinstall.

On Linux, uninstall removes ~/.local/state/nemoclaw, which contains Docker-driver gateway PID files, SQLite data, audit logs, and VM-driver state.

FlagEffect
--yesSkip the confirmation prompt
--keep-openshellLeave OpenShell binaries installed
--delete-modelsAlso remove NemoClaw-pulled Ollama models
--gateway <name>Override the gateway name to remove (default: nemoclaw)
1$ nemoclaw uninstall [--yes] [--keep-openshell] [--delete-models] [--gateway <name>]

nemoclaw uninstall vs. the hosted uninstall.sh

Both forms execute the same uninstall.sh with the same flags, but differ in where the script comes from and how much they trust the network. Use nemoclaw uninstall by default. Use the hosted curl … | bash form only when the CLI is broken or already partially removed.

nemoclaw uninstallcurl … | bash (Quickstart)
Source of the scriptLocal uninstall.sh shipped with the installed npm package.Pulled live from refs/heads/main on GitHub.
Version pinningPinned to the version of NemoClaw you installed.Whatever is on main right now; may be newer than your installed CLI.
Network trustNo network fetch at uninstall time; runs a vetted local file via bash.Pipes a remote script straight to bash with no review step.
RobustnessRequires the npm package to be discoverable so the CLI can find the local script.Works even if the nemoclaw CLI is missing, broken, or partially uninstalled.
Recommended forRoutine uninstalls.Recovery when the CLI is unavailable.

Environment Variables

NemoClaw reads the following environment variables to configure service ports, onboarding behavior, and lifecycle defaults. Set them before running nemoclaw onboard or any command that starts services. All ports must be non-privileged integers between 1024 and 65535.

VariableDefaultService
NEMOCLAW_GATEWAY_PORT8080OpenShell gateway port
NEMOCLAW_GATEWAY_BIND_ADDRESS127.0.0.1OpenShell gateway bind address (127.0.0.1 or 0.0.0.0)
NEMOCLAW_DASHBOARD_PORT18789 (auto-derived from CHAT_UI_URL port if set)Dashboard UI
NEMOCLAW_VLLM_PORT8000vLLM / NIM inference
NEMOCLAW_OLLAMA_PORT11434Ollama inference
NEMOCLAW_OLLAMA_PROXY_PORT11435Ollama auth proxy
NEMOCLAW_DASHBOARD_BINDunset (loopback)Dashboard forward bind address — set to 0.0.0.0 to opt in to remote bind for SSH-deployed hosts

If a port value is not a valid integer or falls outside the allowed range, the CLI exits with an error. NEMOCLAW_GATEWAY_PORT also cannot overlap the configured dashboard, vLLM, Ollama, or Ollama proxy ports, and cannot use the dashboard auto-allocation range 18789 through 18799 or the default inference/proxy ports 8000, 11434, and 11435. On non-WSL hosts, NEMOCLAW_OLLAMA_PORT and NEMOCLAW_OLLAMA_PROXY_PORT must be different. If you run Ollama on port 11435, set NEMOCLAW_OLLAMA_PROXY_PORT to another free port before onboarding.

NEMOCLAW_GATEWAY_BIND_ADDRESS accepts only 127.0.0.1 and 0.0.0.0. Binding the OpenShell gateway to 0.0.0.0 may make it reachable from other hosts on the network.

NEMOCLAW_DASHBOARD_BIND controls the dashboard port forward bind address. By default the forward stays on 127.0.0.1 (loopback only). Set NEMOCLAW_DASHBOARD_BIND=0.0.0.0 before nemoclaw onboard (or nemoclaw <sandbox> connect) to bind the dashboard on all interfaces — useful when the host is reached over SSH (Brev, cloud workstations) and the dashboard URL needs to be opened from a different machine on the network. Only 0.0.0.0 enables the remote bind; other values are ignored. When the remote bind is opted in, the dashboard auth flow accepts non-loopback origins.

1$ export NEMOCLAW_DASHBOARD_PORT=19000
2$ nemoclaw onboard
1$ NEMOCLAW_GATEWAY_BIND_ADDRESS=0.0.0.0 NEMOCLAW_GATEWAY_PORT=8990 nemoclaw onboard

These overrides apply to onboarding, status checks, health probes, and the uninstaller. Defaults are unchanged when no variable is set. If NEMOCLAW_DASHBOARD_PORT or the port from CHAT_UI_URL is already occupied by another sandbox, onboarding scans 18789 through 18799 and uses the next free dashboard port. Pass --control-ui-port <N> to require a specific port.

Onboarding Configuration

These variables let you tune onboarding without editing the Dockerfile or passing repeated flags. Set them before running nemoclaw onboard.

VariableFormatEffect
NEMOCLAW_PROVIDERprovider key (e.g. build, openai, anthropic, anthropicCompatible, gemini, ollama, custom, vllm, nim-local, routed, hermesProvider, install-vllm, install-ollama, install-windows-ollama, start-windows-ollama)Selects the inference provider during onboarding. The wizard skips the provider menu in both interactive and non-interactive runs when this is set. Aliases: cloudbuild, nimnim-local, hermes / hermes-provider / nous / nous-portalhermesProvider, anthropiccompatibleanthropicCompatible. Invalid values fail fast with the list of accepted keys.
NEMOCLAW_HERMES_AUTH_METHODoauthSelects Hermes Provider authentication in non-interactive onboarding. Valid values: oauth, nous-portal-oauth, api-key, nous-api-key.
NEMOCLAW_HERMES_AUTHsame as NEMOCLAW_HERMES_AUTH_METHODBack-compatible alias for Hermes Provider authentication selection.
NEMOCLAW_NOUS_AUTH_METHODsame as NEMOCLAW_HERMES_AUTH_METHODNous-specific alias for Hermes Provider authentication selection.
NEMOCLAW_ENDPOINT_URLURLCustom OpenAI-compatible endpoint URL. Used together with NEMOCLAW_PROVIDER=compatible.
NEMOCLAW_PREFERRED_APIcompletions (currently the only honored value)Forces the validation probe to use the /v1/chat/completions API path instead of the newer /v1/responses API.
NEMOCLAW_INFERENCE_INPUTScomma-separated list of text and/or imageDeclares model input modalities for vision-capable models. Validated strictly; unknown tokens are ignored.
NEMOCLAW_AGENT_TIMEOUTpositive integer (seconds)Overrides agents.defaults.timeoutSeconds in the built OpenClaw config. Raise for slow inference.
NEMOCLAW_CONTEXT_WINDOWpositive integer (tokens)Overrides the model’s context-window value in the built OpenClaw config.
NEMOCLAW_MAX_TOKENSpositive integer (tokens)Overrides the model’s maxTokens in the built OpenClaw config.
NEMOCLAW_REASONINGtrue or falseOverrides the model’s reasoning-mode flag in the built OpenClaw config.
NEMOCLAW_AGENT_HEARTBEAT_EVERYduration with s, m, or h suffix (for example 30m, 1h, or 0m)Overrides agents.defaults.heartbeat.every in the built OpenClaw config. Set 0m to disable periodic agent turns.
NEMOCLAW_OLLAMA_REQUIRE_TOOLS0 to disable, anything else to keep the defaultWhen set to 0, skips the Ollama tool-calling capability check during local-inference onboarding.
NEMOCLAW_PROXY_HOSThostname or IPOverrides the sandbox-side outbound HTTP proxy host. Defaults to 10.200.0.1.
NEMOCLAW_PROXY_PORTinteger portOverrides the sandbox-side outbound HTTP proxy port. Defaults to 3128.
NEMOCLAW_OPENSHELL_BINpathOverrides the openshell binary the CLI invokes. Defaults to openshell (resolved via PATH).
NEMOCLAW_SANDBOXsandbox nameAlternate spelling of NEMOCLAW_SANDBOX_NAME; used by services and debug lookups when neither a flag nor NEMOCLAW_SANDBOX_NAME is set.
NEMOCLAW_INSTALL_REFgit refFor internal installer commands: the git ref to install from. Overridden by the --install-ref flag.
NEMOCLAW_INSTALL_TAGrelease tagFor internal installer commands: the release tag to install. Overridden by the --install-tag flag.
NEMOCLAW_VLLM_MODELregistry slug or Hugging Face model idSelects the model the managed-vLLM install path serves. Recognised slugs: qwen3.6-27b, nemotron-3-nano-4b, deepseek-r1-distill-70b. Unset uses the per-platform profile default. Gated models (e.g. deepseek-r1-distill-70b) require HF_TOKEN or HUGGING_FACE_HUB_TOKEN.
NEMOCLAW_MODEL_ROUTER_PYTHONabsolute pathPins the host Python interpreter used to create the Model Router virtual environment. Strict. NemoClaw probes only that interpreter and aborts with the failure reason if it does not qualify, rather than silently falling back to another python. Relative command names such as python3.12 are rejected. When unset, NemoClaw probes python3.13, python3.12, python3.11, python3.10, and bare python3, retains every interpreter whose version is in [3.10, 3.14) and whose ensurepip, pyexpat, ssl, and venv stdlib modules import cleanly, and tries python -m venv on each in priority order until one succeeds. Set the pin when the auto-discovered interpreter is broken (for example, Homebrew python@3.14 with a pyexpat dlopen mismatch on macOS).

Onboarding Behavior Flags

These flags toggle optional behaviors during onboarding; set them before running nemoclaw onboard.

VariableFormatEffect
NEMOCLAW_YES1 to enableAuto-accepts confirmation prompts (--yes equivalent) including in helpers like the Ollama proxy auth setup.
NEMOCLAW_NON_INTERACTIVE_SUDO_MODEprompt or empty/unsetWhen set to prompt, allows non-interactive onboarding to use prompt-capable sudo for host setup steps that require elevation, which can ask for a password. Empty/unset is the default and uses sudo -n, which fails instead of asking for a password. Any other value is rejected.
NEMOCLAW_NO_EXPRESS1 to enableInstaller-only. Skips the DGX Spark and DGX Station express install prompt and continues with the normal interactive onboarding flow.
NEMOCLAW_EXPERIMENTAL1 to enableSurfaces experimental providers and flows in onboarding.
NEMOCLAW_IGNORE_RUNTIME_RESOURCES1 to enableSuppresses the under-provisioned runtime warning during preflight. Use only when you know the sandbox host meets the minimums.
NEMOCLAW_DISABLE_OVERLAY_FIX1 to enableSkips the Docker overlay-fix step during sandbox build. For environments where the fix is incompatible.
NEMOCLAW_OVERLAY_SNAPSHOTTERsnapshotter nameSelects the containerd overlay snapshotter for sandbox builds. Empty (default) preserves containerd’s choice.
NEMOCLAW_SKIP_TELEGRAM_REACHABILITY1 to enableSkips the Telegram bot reachability probe during onboard (useful in restricted networks).
NEMOCLAW_CONFIG_ACCEPT_NEW_PATH1 to enableAccepts a new sandbox config path without an interactive prompt when the stored path differs from the discovered one.
NEMOCLAW_SANDBOX_GPUauto, 1, or 0Controls sandbox GPU passthrough during onboarding. auto enables GPU passthrough when an NVIDIA GPU is detected, 1 requires GPU passthrough, and 0 forces CPU-only sandbox creation.
NEMOCLAW_SANDBOX_GPU_DEVICEOpenShell GPU device selectorSelects the GPU device passed with openshell sandbox create --gpu-device. Requires explicit sandbox GPU enablement with NEMOCLAW_SANDBOX_GPU=1 (or --sandbox-gpu for CLI-driven onboarding); otherwise onboarding rejects the selector instead of treating it as an implicit opt-in.
NEMOCLAW_DOCKER_GPU_PATCH0 to disable, anything else to keep the defaultControls the Linux Docker-driver GPU sandbox compatibility patch. Set to 0 only as an escape hatch when the patch fails and you need onboarding to continue without patching the GPU sandbox container.
NEMOCLAW_OPENSHELL_GATEWAY_BINpathAdvanced override for the openshell-gateway binary used by the Linux Docker-driver gateway. Defaults to the binary next to openshell, then common install paths.
NEMOCLAW_OPENSHELL_SANDBOX_BINpathAdvanced override for the openshell-sandbox binary passed to the Linux Docker-driver gateway supervisor. Defaults to the binary next to openshell, then common install paths.
NEMOCLAW_OPENSHELL_GATEWAY_STATE_DIRpathAdvanced override for the Linux Docker-driver gateway pid file and SQLite state directory. Defaults to ~/.local/state/nemoclaw/openshell-docker-gateway.

Probe Timeouts

These tune how long internal probes wait before giving up. Defaults are sized for typical hardware; override only if you see false-positive timeouts.

VariableDefaultEffect
NEMOCLAW_SANDBOX_EXEC_TIMEOUT_MSper call site (typically 15000)Overrides the default timeout for openshell sandbox exec calls issued by recovery and lifecycle helpers. Integer milliseconds; non-positive or non-numeric values fall back to the per-call-site default.
NEMOCLAW_STATUS_PROBE_TIMEOUT_MSbuilt-in defaultOverrides the timeout for the OpenShell status probe used by nemoclaw <name> status. Integer milliseconds; non-positive or non-numeric values fall back to the default.

Onboard Timeouts

The following environment variables tune onboard-time wall-clock limits. Set them before running nemoclaw onboard if a slow connection or large model pull risks tripping the default.

VariableDefaultPurpose
NEMOCLAW_OLLAMA_PULL_TIMEOUT1800 (30 minutes)Wall-clock timeout for ollama pull during onboard, in seconds. Accepts integer or float values. Already-downloaded layers are kept; re-running the pull resumes them.
NEMOCLAW_LOCAL_INFERENCE_TIMEOUT180Wall-clock timeout for the inference-server validation probe during onboard, in seconds. Raise on slow networks or for very large prompts.
NEMOCLAW_SANDBOX_READY_TIMEOUT180Wall-clock timeout for the post-create readiness wait, in seconds. Raise when the sandbox image build, gateway upload, or in-sandbox boot exceeds the default (typical on 70B+ models, first-time gateway uploads over slow links, or DGX Station / remote-VM first runs). When the deadline expires onboarding deletes the orphaned sandbox and prints the retry hint.
1$ export NEMOCLAW_OLLAMA_PULL_TIMEOUT=3600
2$ export NEMOCLAW_SANDBOX_READY_TIMEOUT=600
3$ nemoclaw onboard

If a timeout fires, onboarding emits the elapsed budget plus a hint to raise the relevant variable. The Ollama pull preserves its partial download for the next attempt. The readiness wait deletes the orphaned sandbox first so the next nemoclaw onboard starts clean.

Lifecycle Behavior Flags

These flags change defaults for commands that manage existing sandboxes.

VariableFormatEffect
NEMOCLAW_CLEANUP_GATEWAY1, true, or yes to enable; 0, false, or no to disableSets the default for whether nemoclaw <name> destroy removes the shared gateway when destroying the last sandbox. Command-line --cleanup-gateway and --no-cleanup-gateway still take precedence.
NEMOCLAW_DISABLE_INFERENCE_ROUTE_REPAIR1 to enableSkips the automatic DNS-proxy repair for stale inference.local routes during nemoclaw <name> connect and nemoclaw <name> connect --probe-only. Use only as a troubleshooting escape hatch.

NemoHermes Alias

nemohermes is a convenience alias that pre-selects the Hermes agent. Every nemohermes command is equivalent to running nemoclaw with --agent hermes (for onboard) or NEMOCLAW_AGENT=hermes (for all commands).

1$ nemohermes onboard              # equivalent to: nemoclaw onboard --agent hermes
2$ nemohermes my-sandbox connect   # same as: nemoclaw my-sandbox connect
3$ nemohermes --help               # show NemoHermes-branded help
4$ nemohermes --version            # show the installed NemoHermes CLI version

The alias is installed alongside nemoclaw via npm link or npm install -g. Help text, version output, uninstall progress, completion text, and error messages automatically adjust to show nemohermes when launched through the alias.

Legacy nemoclaw setup

Deprecated. Use nemoclaw onboard instead. Running nemoclaw setup now delegates directly to nemoclaw onboard.

1$ nemoclaw setup