--- title: "Run NemoClaw with a Local LLM" publisher: "nvidia" type: "playbook" updated: "2026-04-01T04:09:58.591Z" description: "Build your first local AI assistant on DGX Spark using NemoClaw and Ollama in a secure sandbox, with optional Telegram." canonical: "https://build.nvidia.com/spark/nemoclaw.md" --- # Basic idea **NVIDIA NemoClaw** is an open-source reference stack that simplifies running OpenClaw always-on assistants more safely. It installs the **NVIDIA OpenShell** runtime — an environment designed for executing agents with additional security — and connects them to **local Ollama** inference on your DGX Spark. A single installer command (`nemoclaw.sh`) handles Node.js, OpenShell, and the NemoClaw CLI; the **onboard** wizard then creates a sandboxed agent, optional **Brave Search**, optional **messaging channels** (Telegram, Discord, or Slack), and a **policy tier** with network presets. By the end of this playbook you will have a working AI agent inside an OpenShell sandbox, reachable through the **Web UI** or **terminal TUI**, with inference routed to **local Ollama** on the Spark. You can optionally add **Telegram** (with **cloudflared** for a public webhook URL) and optional **web search** — all without exposing your host filesystem or network beyond what you explicitly allow in policy. ## What you'll accomplish - Install **NemoClaw** with one command (`nemoclaw.sh`), which pulls Node.js, OpenShell, and the CLI as needed - Walk through `nemoclaw onboard` wizard with recommended settings - Open the **Web UI** to interact with agent - Optionally enable **Brave Search** or **Telegram** after onboarding - **Cleanup and uninstall** with the documented `uninstall.sh` flags when finished ## Notice and disclaimers The following sections describe safety, risks, and your responsibilities when running this demo. ### Quick start safety check **Use only a clean environment.** Run this demo on a fresh device or VM with no personal data, confidential information, or sensitive credentials. Keep it isolated like a sandbox. By installing this demo, you accept responsibility for all third-party components, including reviewing their licenses, terms, and security posture. Read and accept before you install or use. ### What you're getting This experience is provided "AS IS" for demonstration purposes only — no warranties, no guarantees. This is a demo, not a production-ready solution. You will need to implement appropriate security controls for your environment and use case. ### Key risks with AI agents - **Data leakage** — Any materials the agent accesses could be exposed, leaked, or stolen. - **Malicious code execution** — The agent or its connected tools could expose your system to malicious code or cyber-attacks. - **Unintended actions** — The agent might modify or delete files, send messages, or access services without explicit approval. - **Prompt injection and manipulation** — External inputs or connected content could hijack the agent's behavior in unexpected ways. ### Participant acknowledgement By participating in this demo, you acknowledge that you are solely responsible for your configuration and for any data, accounts, and tools you connect. To the maximum extent permitted by law, NVIDIA is not responsible for any loss of data, device damage, security incidents, or other harm arising from your configuration or use of NemoClaw demo materials, including OpenClaw or any connected tools or services. ## Isolation layers (OpenShell) | Layer | What it protects | When it applies | |------------|----------------------------------------------------|-----------------------------| | Filesystem | Prevents reads/writes outside allowed paths. | Locked at sandbox creation. | | Network | Blocks unauthorized outbound connections. | Hot-reloadable at runtime. | | Process | Blocks privilege escalation and dangerous syscalls.| Locked at sandbox creation. | | Inference | Reroutes model API calls to controlled backends. | Hot-reloadable at runtime. | ## What to know before starting - Basic use of the Linux terminal and SSH - Familiarity with Docker (permissions, `docker run`, optional `docker` group membership) - Awareness of the security and risk sections above ## Prerequisites **Hardware:** - A DGX Spark (GB10) with keyboard and monitor, or SSH access **Software:** - Fresh install of DGX OS with latest updates Verify your system before starting: ```bash head -n 2 /etc/os-release nvidia-smi docker info --format '{{.ServerVersion}}' ``` Expected: Ubuntu 24.04, NVIDIA GB10 GPU, Docker 28.x+. ## Have ready before you begin | Item | When you need it | |------|------------------| | **Telegram bot token** (optional) | Create with [@BotFather](https://t.me/BotFather) (`/newbot`). You can paste it during **onboarding** (Step 3) **or** when you run **`nemoclaw channels add telegram`** later. | | **Brave Search API key** (optional) | From [Brave Search API](https://brave.com/search/api/) if you enable web search during onboarding or via **`nemoclaw onboard --fresh --gpu`** (`--fresh` re-prompts every onboarding question, including features you previously skipped; without `--fresh` the wizard resumes the previous session and will not re-prompt). | ## Ancillary files All required assets are handled by the NemoClaw installer. No manual cloning is needed. ## Time and risk - **Estimated time:** About 30–60 minutes for a first full pass (install, onboard, model download depending on choice and network). Optional Brave, Telegram, and cloudflared steps add time if you do them in a second session. - **Risk level:** Medium — you are running an AI agent in a sandbox; risks are reduced by isolation but not eliminated. Use a clean environment and do not connect sensitive data or production accounts. - **Last Updated:** 06/01/2026 - Pin nemoclaw installer to v0.0.55, the latest stable version ## More - [Instructions](/spark/nemoclaw/instructions.md) - [Troubleshooting](/spark/nemoclaw/troubleshooting.md)