Run NemoClaw with a Local LLM

Basic idea

NVIDIA NemoClaw is an open-source reference stack that simplifies running OpenClaw always-on assistants more safely. It installs the NVIDIA OpenShell runtime — an environment designed for executing agents with additional security — and connects them to local Ollama inference on your DGX Spark. A single installer command (nemoclaw.sh) handles Node.js, OpenShell, and the NemoClaw CLI; the onboard wizard then creates a sandboxed agent, optional Brave Search, optional messaging channels (Telegram, Discord, or Slack), and a policy tier with network presets.

By the end of this playbook you will have a working AI agent inside an OpenShell sandbox, reachable through the Web UI or terminal TUI, with inference routed to local Ollama on the Spark. You can optionally add Telegram (with cloudflared for a public webhook URL) and optional web search — all without exposing your host filesystem or network beyond what you explicitly allow in policy.

What you'll accomplish

Install NemoClaw with one command (nemoclaw.sh), which pulls Node.js, OpenShell, and the CLI as needed
Walk through nemoclaw onboard wizard with recommended settings
Open the Web UI to interact with agent
Optionally enable Brave Search or Telegram after onboarding
Cleanup and uninstall with the documented uninstall.sh flags when finished

Notice and disclaimers

The following sections describe safety, risks, and your responsibilities when running this demo.

Quick start safety check

Use only a clean environment. Run this demo on a fresh device or VM with no personal data, confidential information, or sensitive credentials. Keep it isolated like a sandbox.

By installing this demo, you accept responsibility for all third-party components, including reviewing their licenses, terms, and security posture. Read and accept before you install or use.

What you're getting

This experience is provided "AS IS" for demonstration purposes only — no warranties, no guarantees. This is a demo, not a production-ready solution. You will need to implement appropriate security controls for your environment and use case.

Key risks with AI agents

Data leakage — Any materials the agent accesses could be exposed, leaked, or stolen.
Malicious code execution — The agent or its connected tools could expose your system to malicious code or cyber-attacks.
Unintended actions — The agent might modify or delete files, send messages, or access services without explicit approval.
Prompt injection and manipulation — External inputs or connected content could hijack the agent's behavior in unexpected ways.

Participant acknowledgement

By participating in this demo, you acknowledge that you are solely responsible for your configuration and for any data, accounts, and tools you connect. To the maximum extent permitted by law, NVIDIA is not responsible for any loss of data, device damage, security incidents, or other harm arising from your configuration or use of NemoClaw demo materials, including OpenClaw or any connected tools or services.

Isolation layers (OpenShell)

Layer	What it protects	When it applies
Filesystem	Prevents reads/writes outside allowed paths.	Locked at sandbox creation.
Network	Blocks unauthorized outbound connections.	Hot-reloadable at runtime.
Process	Blocks privilege escalation and dangerous syscalls.	Locked at sandbox creation.
Inference	Reroutes model API calls to controlled backends.	Hot-reloadable at runtime.

What to know before starting

Basic use of the Linux terminal and SSH
Familiarity with Docker (permissions, docker run, optional docker group membership)
Awareness of the security and risk sections above

Prerequisites

Hardware:

A DGX Spark (GB10) with keyboard and monitor, or SSH access

Software:

Fresh install of DGX OS with latest updates

Verify your system before starting:

head -n 2 /etc/os-release
nvidia-smi
docker info --format '{{.ServerVersion}}'

Expected: Ubuntu 24.04, NVIDIA GB10 GPU, Docker 28.x+.

Have ready before you begin

Item	When you need it
Telegram bot token (optional)	Create with @BotFather (`/newbot`). You can paste it during onboarding (Step 3) or when you run `nemoclaw <sandbox> channels add telegram` later.
Brave Search API key (optional)	From Brave Search API if you enable web search during onboarding or via `nemoclaw onboard --fresh --gpu` (`--fresh` re-prompts every onboarding question, including features you previously skipped; without `--fresh` the wizard resumes the previous session and will not re-prompt).

Ancillary files

All required assets are handled by the NemoClaw installer. No manual cloning is needed.

Time and risk

Estimated time: About 30–60 minutes for a first full pass (install, onboard, model download depending on choice and network). Optional Brave, Telegram, and cloudflared steps add time if you do them in a second session.
Risk level: Medium — you are running an AI agent in a sandbox; risks are reduced by isolation but not eliminated. Use a clean environment and do not connect sensitive data or production accounts.
Last Updated: 06/01/2026
- Pin nemoclaw installer to v0.0.55, the latest stable version

Basic idea

What you'll accomplish

Install NemoClaw with one command (nemoclaw.sh), which pulls Node.js, OpenShell, and the CLI as needed
Walk through nemoclaw onboard wizard with recommended settings
Open the Web UI to interact with agent
Optionally enable Brave Search or Telegram after onboarding
Cleanup and uninstall with the documented uninstall.sh flags when finished

Notice and disclaimers

The following sections describe safety, risks, and your responsibilities when running this demo.

Quick start safety check

Use only a clean environment. Run this demo on a fresh device or VM with no personal data, confidential information, or sensitive credentials. Keep it isolated like a sandbox.

By installing this demo, you accept responsibility for all third-party components, including reviewing their licenses, terms, and security posture. Read and accept before you install or use.

What you're getting

Key risks with AI agents

Data leakage — Any materials the agent accesses could be exposed, leaked, or stolen.
Malicious code execution — The agent or its connected tools could expose your system to malicious code or cyber-attacks.
Unintended actions — The agent might modify or delete files, send messages, or access services without explicit approval.
Prompt injection and manipulation — External inputs or connected content could hijack the agent's behavior in unexpected ways.

Participant acknowledgement

Isolation layers (OpenShell)

Layer	What it protects	When it applies
Filesystem	Prevents reads/writes outside allowed paths.	Locked at sandbox creation.
Network	Blocks unauthorized outbound connections.	Hot-reloadable at runtime.
Process	Blocks privilege escalation and dangerous syscalls.	Locked at sandbox creation.
Inference	Reroutes model API calls to controlled backends.	Hot-reloadable at runtime.

What to know before starting

Basic use of the Linux terminal and SSH
Familiarity with Docker (permissions, docker run, optional docker group membership)
Awareness of the security and risk sections above

Prerequisites

Hardware:

A DGX Spark (GB10) with keyboard and monitor, or SSH access

Software:

Fresh install of DGX OS with latest updates

Verify your system before starting:

head -n 2 /etc/os-release
nvidia-smi
docker info --format '{{.ServerVersion}}'

Expected: Ubuntu 24.04, NVIDIA GB10 GPU, Docker 28.x+.

Have ready before you begin

Item	When you need it
Telegram bot token (optional)	Create with @BotFather (`/newbot`). You can paste it during onboarding (Step 3) or when you run `nemoclaw <sandbox> channels add telegram` later.
Brave Search API key (optional)	From Brave Search API if you enable web search during onboarding or via `nemoclaw onboard --fresh --gpu` (`--fresh` re-prompts every onboarding question, including features you previously skipped; without `--fresh` the wizard resumes the previous session and will not re-prompt).

Ancillary files

All required assets are handled by the NemoClaw installer. No manual cloning is needed.

Time and risk

Estimated time: About 30–60 minutes for a first full pass (install, onboard, model download depending on choice and network). Optional Brave, Telegram, and cloudflared steps add time if you do them in a second session.
Risk level: Medium — you are running an AI agent in a sandbox; risks are reduced by isolation but not eliminated. Use a clean environment and do not connect sensitive data or production accounts.
Last Updated: 06/01/2026
- Pin nemoclaw installer to v0.0.55, the latest stable version

Run NemoClaw with a Local LLM

Basic idea

What you'll accomplish

Notice and disclaimers

Quick start safety check

What you're getting

Key risks with AI agents

Participant acknowledgement

Isolation layers (OpenShell)

What to know before starting

Prerequisites

Have ready before you begin

Ancillary files

Time and risk

Resources

Run NemoClaw with a Local LLM

Basic idea

What you'll accomplish

Notice and disclaimers

Quick start safety check

What you're getting

Key risks with AI agents

Participant acknowledgement

Isolation layers (OpenShell)

What to know before starting

Prerequisites

Have ready before you begin

Ancillary files

Time and risk

Resources