NemoClawUse these examples when a sandbox is already installed and an integration needs network access.
This page covers only integrations that NemoClaw currently ships as maintained policy preset YAML under nemoclaw-blueprint/policies/presets/.
Integration setup usually has two separate parts:
Prefer NemoClaw commands for policy changes that should be tracked with the sandbox. Use OpenShell directly when you need to inspect blocked requests or approve a one-off request in the TUI.
Replace my-assistant with your sandbox name in the examples.
Check the current policy state first:
For a live view of blocked requests, open the OpenShell TUI in a separate host terminal:
When the agent reaches an endpoint that is not in policy, the TUI shows the host, port, requesting binary, method, and path when available.
Approve a request only when you understand why the integration needs it.
An approval updates the running policy, but it does not create a NemoClaw preset entry that can be reviewed and replayed like policy-add.
NemoClaw ships maintained policy presets for common services in nemoclaw-blueprint/policies/presets/.
Preview the endpoints before applying:
Apply the preset:
Remove it later if the sandbox no longer needs that access:
Use the outlook preset for Microsoft 365 email and calendar workflows that use Microsoft Graph or Outlook endpoints.
The preset allows graph.microsoft.com, Microsoft login, and Outlook service endpoints.
Then configure the email or calendar tool credentials through the integration you are running in the sandbox. Keep OAuth client secrets and refresh tokens out of policy files.
If the tool still fails, run openshell term, trigger the workflow again, and inspect the blocked request.
If the blocked endpoint is not covered by the maintained outlook preset, treat it as a separate policy review instead of assuming it is part of the supported preset.
Telegram needs both channel configuration and egress policy. If you already enabled Telegram during onboarding but did not include the preset, add it to the running sandbox:
To add Telegram after onboarding, set the token on the host, add the channel, rebuild so the image picks up the channel config, and make sure the policy preset is applied:
If delivery fails, open the TUI and send a test message to the bot:
The matching preset for each supported messaging channel is the channel name (telegram, discord, slack, wechat, or whatsapp).
Slack and Discord also need both channel configuration and egress policy. Use the matching policy preset after you configure the channel credentials.
For Slack:
For Discord:
If you enabled Slack or Discord during onboarding, apply only the matching preset:
WeChat and WhatsApp are experimental. Both rely on QR-based pairing flows that are more fragile than token-based bots, and the upstream client libraries can change behavior without notice.
WeChat uses Tencent’s iLink Bot API for personal accounts. The bot token is captured by a host-side QR scan during onboarding rather than pasted from a developer portal. Add the channel interactively and apply the preset:
WhatsApp Web pairs entirely inside the sandbox via QR scan, so channels add does not collect a host-side token.
Apply the preset and complete the in-sandbox pairing after the rebuild:
If you enabled WeChat or WhatsApp during onboarding, apply only the matching preset:
Use github when the agent needs GitHub API or Git access.
Use jira when the agent needs Atlassian Jira access.
Preview first:
Apply the preset that matches the workflow:
The jira preset intentionally allows Node.js access to Atlassian Cloud and does not allow curl.
When validating it manually, avoid plain curl -s against auth.atlassian.com.
Atlassian can return an empty redirect body even when the request succeeds.
Use a body-visible API probe instead:
Before approval, the curl probe should report 000 or a local policy denial.
After explicitly approving curl for api.atlassian.com in OpenShell, it should return Atlassian’s unauthenticated 401 JSON response.
That 401 is the expected success signal for this manual probe.
This manual probe proves curl reached Atlassian, but no Jira credentials were supplied.
Remove access when the task is done:
The default Balanced policy tier includes brave.
If you chose Restricted during onboarding or removed the preset later, add it before enabling Brave Search workflows:
The Brave Search API key is still configured separately during onboarding or through the web search setup flow.
Use these presets when an agent workflow installs packages or downloads model assets:
Add only the preset required for the task:
Remove package access after a one-time setup task if the sandbox no longer needs it:
The pypi preset allows Python, pip, virtual-environment Python and pip, and /usr/local/bin/uv to reach PyPI endpoints.
If uv is installed somewhere else in the sandbox, add a custom preset for that binary path instead of broadening the maintained preset locally.
The sandbox base image includes Homebrew (Linuxbrew), so applying the brew preset is the only step needed before installing a formula.
A /usr/local/bin/brew wrapper puts the entry point on the sandbox PATH while delegating to the Linuxbrew prefix.
Installed formula commands are available from the Linuxbrew bin directory in sandbox shell sessions:
You do not need to bootstrap Homebrew, install build dependencies, or source brew shellenv inside the sandbox.
OpenClaw’s gateway fetches reference pricing from LiteLLM and OpenRouter on every start so it can populate usage.cost in session JSONL records.
The default-strict egress policy denies both hosts.
The fetch fails closed, the gateway logs [gateway/model-pricing] LiteLLM pricing fetch failed: TypeError: fetch failed (and the matching OpenRouter line) on every startup, and every session record records usage.cost = 0 even though the input and output token counts populate correctly.
Tools that read the session log to display per-turn cost (audit dashboards, compliance review surfaces) cannot distinguish a real free run from this silent failure.
Apply the openclaw-pricing preset to allow both pricing endpoints.
The preset pins each host to a single read-only path so it does not widen egress beyond the pricing fetch:
After the next gateway restart the WARN entries stop and usage.cost populates from the fetched pricing tables.
Use local-inference when the sandbox needs access to host-side local inference services such as Ollama or vLLM through the OpenShell host gateway.
Onboarding auto-suggests this preset when you choose a local provider.
If you need to add it after onboarding:
Then verify the sandbox status:
Use policy-list for normal preset state:
Use OpenShell when you need the full enforced YAML:
If you must replace the live policy, edit the full policy file and set it back:
openshell policy set replaces the live policy with the file you provide.
It does not accept a preset file that starts with a preset: block, and it does not merge a single endpoint into the existing policy.
Use nemoclaw my-assistant policy-add for maintained NemoClaw presets.
policy-add, policy-list, policy-remove, and channels command reference.