Local Healthcare Agent on DGX Station
Run healthcare AI agents that analyze patient data and predict protein structures in an OpenShell sandbox on DGX Station
IMPORTANT
This playbook requires Docker (with NVIDIA runtime), Node.js v22, and OpenShell CLI >= 0.0.33. If Docker, the NVIDIA runtime, or OpenShell are missing, complete the NemoClaw playbook (nvidia/station-nemoclaw/instructions.md) Steps 1–4 first — that takes about 30–45 minutes. Ollama runs as a Docker container in this playbook (host Ollama is not required and will conflict with port 11434, see Step 3).
NOTE
Steps 1–3 are prerequisites. Steps 4–5 configure infrastructure and deploy the agent. Steps 6–9 are the demo. Steps 10–11 are cleanup and next steps.
Verify your environment
Confirm your DGX Station has the required software and free disk space:
# OpenShell installs to ~/.local/bin, which is not on the default
# non-interactive PATH. Add it before running anything below.
echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
export PATH="$HOME/.local/bin:$PATH"
nvidia-smi
docker info --format '{{.ServerVersion}}'
node --version
ollama --version 2>/dev/null || echo "ollama not installed (OK — Docker provides it)"
openshell --version
df -h /
Expected: Blackwell Ultra GPU, Docker >= 23.0.1, Node.js v22.x (the DGX Station ships with v18 — see below), OpenShell >= 0.0.33, and at least 200 GB free on / (86 GB model + Docker images + working space).
WARNING
If openshell --version says command not found, the binary is at ~/.local/bin/openshell but isn't on PATH. Run the export PATH=... line above and re-source ~/.bashrc. Without this, every openshell and make command in later steps fails.
TIP
make prereq (run from ~/clinical-intelligence after Step 2) bundles all of the checks below — Docker, Node version, OpenShell, disk space, GPU, port 11434, and NGC auth — into one command.
If node --version reports v18.x or older, install Node.js v22 before continuing:
curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash -
sudo apt-get install -y nodejs
node --version # should now show v22.x
Host Ollama must not be on port 11434. This playbook runs Ollama in a Docker container that binds 11434 on the host. Run both of these:
# Always run — succeeds silently if no service exists, stops the host
# Ollama daemon if NemoClaw or another playbook left one running.
sudo systemctl stop ollama 2>/dev/null || true
sudo systemctl disable ollama 2>/dev/null || true
# Verify nothing else owns 11434.
ss -tlnp 2>/dev/null | grep 11434 || echo 'port 11434 free'
Expected: port 11434 free. If the line still shows a listener, something else (an old ollama serve, another container, etc.) owns the port — stop it, or change OLLAMA_PORT in .env (Step 2) to a free port such as 11435. make setup sources .env and configures the sandbox provider against the override.
Stale OpenShell gateway? If you previously ran the NemoClaw playbook, an existing gateway will be silently reused under the new name. To start clean:
openshell gateway destroy 2>/dev/null || true
Copy the assets and configure
The playbook assets include the Docker Compose file, agent definitions, skill files, and setup scripts. Locate the assets/ directory shipped with this playbook (DGX Station catalog or your local clone) and copy it to ~/clinical-intelligence:
# Find the playbook directory first. Try the common locations:
PLAYBOOK_DIR=""
for d in ~/dgx-station-playbooks/nvidia/station-healthcare-agent \
/opt/dgx-station-playbooks/nvidia/station-healthcare-agent \
/usr/local/share/dgx-station-playbooks/nvidia/station-healthcare-agent; do
if [ -d "$d/assets" ]; then PLAYBOOK_DIR="$d"; break; fi
done
if [ -z "$PLAYBOOK_DIR" ]; then
echo "ERROR: assets/ not found. Locate it manually:"
echo " find / -type d -path '*station-healthcare-agent/assets' 2>/dev/null"
echo "Then re-run with PLAYBOOK_DIR set."
else
cp -r "$PLAYBOOK_DIR/assets" ~/clinical-intelligence
cd ~/clinical-intelligence
cp .env.example .env
nano .env
# Set: NGC_API_KEY=nvapi-...
fi
IMPORTANT
If the catalog tarball did not include assets/ (some early distributions stripped it), pull the playbook directly from the repo:
git clone https://github.com/NVIDIA/dgx-station-playbooks ~/dgx-station-playbooks
cp -r ~/dgx-station-playbooks/nvidia/station-healthcare-agent/assets ~/clinical-intelligence
The NGC API key is required to download the OpenFold3 NIM image from nvcr.io and to run it at runtime. Get one for free at ngc.nvidia.com.
Authenticate Docker against NGC so the OpenFold3 image pull succeeds (without this you get a raw HTML 401 from nginx):
make ngc-login
# or, equivalent manual command:
# echo "$NGC_API_KEY" | docker login nvcr.io --username '$oauthtoken' --password-stdin
Start Nemotron 3 Super and OpenFold3
Ollama serves Nemotron 3 Super for LLM inference. OpenFold3 NIM handles protein structure prediction. Both run as Docker containers with GPU access.
If you are connected via SSH, start a tmux or screen session first so the download survives a disconnection:
tmux new -s clinical
Start the services:
docker compose up -d ollama openfold3
NOTE
First run downloads Nemotron 3 Super (~86 GB). This takes 15–25 minutes on a fast connection, up to an hour on slower links. Monitor with docker compose logs -f ollama. If interrupted, re-run — it resumes where it left off.
TIP
Multi-GPU stations: docker-compose pins both Ollama and OpenFold3 to GPU 0 by default (set LLM_GPU and OPENFOLD_GPU in .env to override). On the dual-GPU DGX Station (RTX PRO 6000 + GB300), set LLM_GPU and OPENFOLD_GPU to the index of the GB300 because Nemotron-3-Super (~94 GB resident) does not fit safely on the RTX PRO 6000 (98 GB). Find the GB300 index with: nvidia-smi --query-gpu=index,name --format=csv,noheader | awk -F', ' '/GB300/{print $1; exit}'
Pull the model into Ollama:
docker compose up model-pull
Wait for all services to report healthy:
make status
Expected:
Ollama: ✓ healthy
OpenFold3: ✓ healthy
OpenFold3 takes ~3 minutes to load model weights on startup. If it shows "down (may still be loading)", wait and check again.
TIP
make up runs all of the above (container start + model pull) in one command but does not block on health. Run make status separately to verify services are healthy.
Start the OpenShell gateway
The OpenShell gateway runs a lightweight k3s Kubernetes cluster inside Docker to manage sandboxes. On DGX Station, the kernel uses cgroup v2 with the systemd driver, but k3s defaults to cgroupfs. The flag below tells k3s to match the host:
OPENSHELL_K3S_ARGS='--kubelet-arg=cgroup-driver=systemd' openshell gateway start
Wait for the gateway's embedded k3s cluster to finish initializing (10–15 seconds after gateway start returns), then verify:
# Wait until the gateway accepts connections, fail after 60s
for i in $(seq 1 30); do
if openshell status 2>/dev/null | grep -q "Connected"; then
echo "Gateway: Connected"; break
fi
sleep 2
done
openshell status
Expected: Status: Connected. If the first openshell status immediately after gateway start reports Connection reset by peer, that is normal — k3s is still warming up. The loop above polls until it is ready.
NOTE
Step 4 configures OpenShell infrastructure (gateway). Step 5 deploys the healthcare agent into this infrastructure.
Deploy the healthcare agent
make setup automates six operations:
- Creates the
clinical-sandboxOpenShell sandbox with the network policy fromsandbox-policy.yaml - Creates the inference provider and configures routing to Ollama (previously a manual step)
- Installs Python packages (requests, pandas, matplotlib) inside the sandbox
- Copies agent definitions from
agents/and skill files fromskills/into the sandbox workspace - Deploys the OpenClaw configuration (
openclaw.json,IDENTITY.md) and registers specialist agents - Starts the OpenClaw gateway and runs a smoke test
make setup
When complete, you will see === Setup Complete ===. If setup fails, re-run make setup — it recreates the sandbox from scratch, so all config is fresh.
Verify the sandbox config matches the repo:
make check
All checks should pass. If any skills or config files are stale, make check tells you what to fix.
Run the quick test suite:
make test
TIP
make setup runs bash scripts/setup_sandbox.sh (loopback bind — use the SSH tunnel from Step 6 for remote browsers). For direct local-browser access on the Station itself, run make setup-local instead, which calls bash scripts/setup_sandbox.sh --local. See RUNBOOK.md in the assets for the manual step-by-step equivalent.
Open the dashboard
Remote access (run this from your machine, not the DGX Station). This forwards port 18789 so you can open the dashboard in a local browser:
ssh -f -N -L 18789:localhost:18789 your-user@your-dgx-station-ip
Cursor / VS Code: Open the Ports tab in the bottom panel, click Forward a Port, enter 18789.
Then open http://localhost:18789/ in your browser.
Local (keyboard and monitor on Station): Open http://localhost:18789/.
You should see the OpenClaw dashboard with Health: OK. Click Chat.
Setup is done. The next steps are the demo.
Run healthcare queries
All queries execute inside the OpenShell sandbox — only whitelisted endpoints are reachable. You will verify this in Step 9.
Paste the first query. The first response takes 30–60 seconds while the 120B model loads into GPU memory — this is normal and only happens once per session.
Find all diabetic patients and get their latest HbA1c. Generate a histogram with a red dashed line at 9%. Use dark background with green bars.
The agent reads its skill files (fhir-basics, clinical-knowledge, analysis-methods), imports the FHIR helpers library, writes a Python script, queries the FHIR server, and generates the chart — all inside the sandbox.
You should see ~48 diabetic patients and an A1c histogram with a 9% threshold line. The agent includes a clickable link to the chart in its response. You can also browse all visualizations at http://localhost:18789/__openclaw__/canvas/.
Stay in the same session for follow-ups:
Which of those diabetic patients also have hypertension? For the overlap, get their eGFR. Flag anyone with eGFR below 60 as kidney disease risk.
You should see ~24 with both conditions, ~12 flagged as kidney disease risk.
Of those kidney disease risk patients, which ones are not on an ACE inhibitor or ARB?
You should see ~12 patients missing guideline-recommended therapy (100% care gap in the synthetic data).
Visualize a drug target
Show me the 3D protein structure of atorvastatin bound to its target
The molecular agent looks up atorvastatin's target protein (HMG-CoA reductase), fetches the drug's SMILES from PubChem, sends the protein sequence to OpenFold3 for structure prediction, and generates an interactive 3D viewer with confidence scores (pLDDT, pTM, ipTM).
You should see an interactive 3D viewer with the protein ribbon structure and atorvastatin ligand. The agent includes a clickable link. Confidence scores appear in the viewer header — pLDDT > 70 indicates a good prediction.
Understand sandbox isolation
The sandbox policy (sandbox-policy.yaml) enforces implicit-deny networking at Layer 7. Every outbound connection is blocked unless an explicit rule allows it. The policy also restricts HTTP methods — FHIR and PubChem are limited to read-only (GET/HEAD), OpenFold3 accepts only POST to specific prediction paths.
Confirm that unauthorized endpoints are blocked. From inside the sandbox (connect with openshell sandbox connect clinical-sandbox), run:
curl --max-time 5 https://google.com
Expected: connection refused or CONNECT tunnel failed, response 403. The allowed endpoints are:
| Endpoint | Purpose | Allowed methods |
|---|---|---|
https://inference.local (port 443 only) | LLM calls to Ollama | All (OpenAI protocol) |
r4.smarthealthit.org | FHIR patient data | GET, HEAD |
pubchem.ncbi.nlm.nih.gov | Drug SMILES lookup | GET, HEAD |
| OpenFold3 NIM (Docker bridge) | Structure prediction | POST /biology/openfold/**, GET /v1/health/* |
| CDN (jquery, 3dmol, unpkg) | JavaScript for 3D viewers | GET |
Everything else is denied. Additional rules for GitHub, npm, and PyPI are included in sandbox-policy.yaml for build dependencies during sandbox setup — these are setup-only and not used at runtime.
NOTE
inference.local is HTTPS-only. Plain http://inference.local/... returns policy_denied because the OpenShell L7 proxy enforces the TLS-terminated CONNECT path. All skills, helper scripts, and _sandbox curls in this repo use https://inference.local with -k (the proxy presents a self-signed cert).
Patient data flows from FHIR → sandbox Python execution. It never passes through the LLM, OpenFold3, or PubChem.
Inspect a skill file to see the editable clinical knowledge:
head -30 skills/clinical-knowledge/SKILL.md
Skill files are Markdown. Edit a threshold or drug classification — it takes effect on the next query, no retraining. Try changing the HbA1c threshold from 9.0% to 7.0% and re-running the diabetes query to see the difference.
Cleanup
WARNING
This removes the sandbox and stops all services.
openshell sandbox delete clinical-sandbox
make down
openshell gateway destroy
To also remove downloaded models and volumes:
make clean
Next steps
- Edit a skill — change a lab reference range in
skills/clinical-knowledge/SKILL.mdand re-run the same prompt to see the effect. - Add an agent — create a
.mdinagents/, register inopenclaw.json, redeploy withmake setup. - Connect a real FHIR server — replace the test server URL, add OAuth2 authentication, and update
sandbox-policy.yamlwith explicit path-level rules for the FHIR resources the agent needs. - Swap models — try
qwen2.5:72bor another Ollama model by editing.envandopenclaw.json. - Verify after changes — run
make checkafter any config or skill file change to catch stale sandbox copies. - Full agent validation —
make test-fullruns all test levels including end-to-end agent queries (~20 min). - Monitor GPU —
nvidia-smishows memory allocation across Nemotron 3 Super and OpenFold3.