v0.0.60
NemoClaw v0.0.60 improves runtime guidance, sandbox lifecycle reliability, local inference setup, messaging enrollment, and maintainer safeguards:
- OpenClaw runtime guidance stays active without appearing in the visible chat transcript, and sandbox network and filesystem context now tells agents to try allowed in-sandbox actions before reporting them unavailable. OpenClaw device-approval policy also uses the same allowlist and scope behavior during startup and connect. For more information, refer to Architecture.
- Onboarding and sandbox lifecycle paths preserve more host state.
NemoClaw uses the package-managed OpenShell gateway user service when available, scopes gateway and dashboard cleanup by sandbox instance, detects Docker-driver sandboxes without writing the local gateway marker, rolls back failed Docker GPU patches, honors
.dockerignorefor custom--from <Dockerfile>contexts, and can skip default workspace-template seeding withNEMOCLAW_MINIMAL_BOOTSTRAP=1. For more information, refer to NemoClaw CLI Commands Reference. - Local inference setup is more predictable across NVIDIA NIM, Ollama, vLLM, DGX Spark, DGX Station, Anthropic-compatible routes, and Hermes. NemoClaw pulls NIM images by platform digest, uses stable managed-vLLM images and updated DGX model profiles, tightens Ollama fit checks, synchronizes Anthropic route metadata, preserves Hermes proxy API-key placeholders, and serves the prebuilt Hermes dashboard assets from the sandbox image. For more information, refer to Choose an Inference Provider.
- Messaging and day-two CLI operations share more common plumbing.
Messaging enrollment uses manifest hooks across Telegram, Discord, Slack, WeChat, and WhatsApp,
nemoclaw tunnel statusreports Cloudflare tunnel state directly, globalstatusandlisthonor sandbox environment overrides consistently, and installed OpenClaw skills are mirrored into the agent home directory for session startup. For more information, refer to Enable Channels During Onboarding and Run Sandboxes. - Policy and secret-handling safeguards cover more edge cases.
Non-interactive
NEMOCLAW_POLICY_TIERvalidation fails before side effects, interactive onboarding ignores invalid environment values and prompts normally, safe common egress presets are available where supported, persistent-memory scanning catches additional OpenAI and Slack token shapes, and Hermes remote secrets stay out of sandbox-visible surfaces. For more information, refer to Security Best Practices.