NVIDIA
Explore
Models
Blueprints
GPUs
Docs
⌘KCtrl+K
Terms of Use
Privacy Policy
Your Privacy Choices
Contact

Copyright © 2026 NVIDIA Corporation

View All Playbooks
View All Playbooks

onboarding

  • MIG on DGX Station

data science

  • Topic Modeling
  • Text to Knowledge Graph on DGX Station

tools

  • NVFP4 Quantization

fine tuning

  • Nanochat Training

use case

  • Run NemoClaw on DGX Station
  • Local Coding Agent
  • Secure Long Running AI Agents with OpenShell on DGX Station

inference

  • Serve Qwen3-235B with vLLM

Run NemoClaw on DGX Station

60 MINS

Run OpenClaw in an OpenShell sandbox on DGX Station with Ollama (Nemotron)

AI AgentDGX StationGB300NemoClawOllamaOpenShell
NemoClaw on GitHub
OverviewOverviewInstructionsInstructionsTroubleshootingTroubleshooting

Basic idea

NVIDIA OpenShell is an open-source runtime for running autonomous AI agents in sandboxed environments with kernel-level isolation. NVIDIA NemoClaw is an OpenClaw plugin that packages OpenShell with an AI agent: it includes the nemoclaw onboard wizard to automate setup so you can get a browser-based chat interface running locally on your DGX Station using Ollama (e.g. NVIDIA Nemotron 3 Super).

By the end of this playbook you will have a working AI agent inside an OpenShell sandbox, accessible via a dashboard URL, with inference routed to a local model on your DGX Station—all without exposing your host filesystem or network to the agent.

What you'll accomplish

  • Install and configure Docker for OpenShell (including cgroup fix where needed on DGX Station)
  • Install Node.js, Ollama, the OpenShell CLI, and the NemoClaw plugin
  • Run the NemoClaw onboard wizard to create a sandbox and configure inference
  • Start the OpenClaw web UI inside the sandbox and chat with Nemotron 3 Super (or another Ollama model) locally

Notice and disclaimers

Please read the following before you start.

Quick start safety check

Use only a clean environment. Run this demo on a fresh device or VM with no personal data, confidential information, or sensitive credentials. Keep it isolated like a sandbox.

By installing this demo, you accept responsibility for all third-party components, including reviewing their licenses, terms, and security posture. Read and accept before you install or use.

What you're getting

This experience is provided "AS IS" for demonstration purposes only—no warranties, no guarantees. This is a demo, not a production-ready solution. You will need to implement appropriate security controls for your environment and use case.

Key risks with AI agents

  • Data leakage — Any materials the agent accesses could be exposed, leaked, or stolen.
  • Malicious code execution — The agent or its connected tools could expose your system to malicious code or cyber-attacks.
  • Unintended actions — The agent might modify or delete files, send messages, or access services without explicit approval.
  • Prompt injection and manipulation — External inputs or connected content could hijack the agent's behavior in unexpected ways.

Participant acknowledgement

By participating in this demo, you acknowledge that you are solely responsible for your configuration and for any data, accounts, and tools you connect. To the maximum extent permitted by law, NVIDIA is not responsible for any loss of data, device damage, security incidents, or other harm arising from your configuration or use of NemoClaw demo materials, including OpenClaw or any connected tools or services.

Isolation layers (OpenShell)

LayerWhat it protectsWhen it applies
FilesystemPrevents reads/writes outside allowed paths.Locked at sandbox creation.
NetworkBlocks unauthorized outbound connections.Hot-reloadable at runtime.
ProcessBlocks privilege escalation and dangerous syscalls.Locked at sandbox creation.
InferenceReroutes model API calls to controlled backends.Hot-reloadable at runtime.

What to know before starting

  • Basic use of the Linux terminal and SSH
  • Familiarity with Docker (permissions, docker run)
  • Awareness of the security and risk sections above

Prerequisites

Hardware and access:

  • A DGX Station (with NVIDIA GB300 GPUs recommended for large models like Nemotron 3 Super) with keyboard and monitor, or SSH access
  • Sufficient GPU memory for your chosen model (e.g. Nemotron 3 Super 120B benefits from 170+ GB VRAM on GB300)
  • An NVIDIA API key from build.nvidia.com (free; the onboard wizard will prompt for it)
  • A GitHub account with access to the NVIDIA organization (for installing the OpenShell CLI from GitHub releases)

Software:

  • Fresh install of DGX OS (or supported Linux) with latest updates

Verify your system before starting:

head -n 2 /etc/os-release
nvidia-smi
docker info --format '{{.ServerVersion}}'
python3 --version

Expected: Ubuntu 24.04 (or compatible), NVIDIA GPU (e.g. GB300), Docker server version, Python 3.12+.

Ancillary files

All required assets are in the openshell-openclaw-plugin repository. You will clone it during the instructions to install NemoClaw.

Time and risk

  • Estimated time: 45–90 minutes (including first-time gateway and sandbox build, and Nemotron 3 Super download of ~87GB).
  • Risk level: Medium — you are running an AI agent in a sandbox; risks are reduced by isolation but not eliminated. Use a clean environment and do not connect sensitive data or production accounts.
  • Rollback: Remove the sandbox with openshell sandbox delete <name>, destroy the gateway with openshell gateway destroy -g nemoclaw, and uninstall NemoClaw with sudo npm uninstall -g nemoclaw and rm -rf ~/.nemoclaw (see Cleanup in Instructions).
  • Last Updated: 03/10/2026
    • First publication for DGX Station.

Resources

  • openshell-openclaw-plugin (NemoClaw)
  • OpenClaw Documentation
  • OpenShell (PyPI)
  • DGX Station Documentation
  • NVIDIA GB300