NemoClaw Setup Guide 2026: How to Install NVIDIA's Open-Source AI Agent Stack

By the CodeClaw Team · Published March 22, 2026 · NemoClaw, NVIDIA, AI Infrastructure

NemoClaw is NVIDIA's open-source reference stack for deploying enterprise-grade AI agents with built-in security, privacy controls, and support for Nemotron models. Released under the Apache 2.0 license, it integrates with OpenClaw to give businesses a full AI agent runtime with policy-controlled security layers, local or cloud inference, and a one-command install process.

Done-For-You

Skip the setup. We deploy NemoClaw for you in 48h.

Get Deployed → Talk to us

This guide covers everything you need to know to install and configure NemoClaw — from system requirements to security policy setup. NemoClaw is currently in alpha (as of March 16, 2026), so expect the setup process to evolve as the project matures.

⚠️ Alpha Software: NemoClaw is alpha software as of March 2026. It's suitable for evaluation and development environments. For production business deployments, CodeClaw's NemoClaw setup service includes stability hardening and enterprise support.

What Is NemoClaw?

NemoClaw is an open-source reference stack built and maintained by NVIDIA. It provides:

A secure agent runtime built on NVIDIA's OpenShell, using Landlock, seccomp, and network namespace sandboxing
Nemotron model support — including Nemotron 3 Super 120B, NVIDIA's flagship open-weight model
Flexible inference — run models locally via Ollama or route requests to NVIDIA's cloud Endpoint API
Privacy router — intelligently mix local and cloud models based on data sensitivity
Policy presets for common platforms: Discord, Slack, Telegram, npm, PyPI, Docker, and others
Four security layers: Network, Filesystem, Process, and Inference — all policy-controlled

When combined with OpenClaw, NemoClaw provides the secure execution layer that enterprise teams need when deploying AI agents on sensitive workloads.

System Requirements

Before installing NemoClaw, confirm your system meets the minimum requirements:

CPU4+ vCPU

RAM8–16 GB

Disk20–40 GB free

Node.jsv20+

Supported operating systems:

Linux: Ubuntu 22.04 or newer (recommended)
macOS: Apple Silicon (M1/M2/M3) via Docker Desktop
Windows: WSL (Windows Subsystem for Linux)

Required software:

Docker (latest stable)
Node.js 20+
curl

For local inference with Nemotron models, you'll need significantly more resources — at least 16 GB RAM and a capable GPU is recommended for the larger Nemotron variants. If you're using NVIDIA's cloud Endpoint API for inference, the base requirements above are sufficient.

Installation

NemoClaw installs with a single command:

curl -fsSL https://nvidia.com/nemoclaw.sh | bash

The install script will:

Check your system for Docker and Node.js 20+
Pull the NemoClaw container images
Initialize the OpenShell security runtime
Set up default security policies
Configure the local agent workspace

Review before running: As with any install script piped directly to bash, it's good practice to review the script contents first at https://nvidia.com/nemoclaw.sh before running, especially in production environments.

Inference Configuration: Local vs Cloud

One of NemoClaw's key design decisions is its flexibility around model inference. You have two primary options:

Option A: Local Inference via Ollama

Running models locally keeps your data on-premises. NemoClaw supports local inference via Ollama, which handles model downloads and serving. This is the right choice when:

Data privacy regulations prevent sending data to external APIs
You want to run Nemotron models without per-token cloud costs
You need offline or air-gapped operation

For local inference, you'll need sufficient hardware — Nemotron 3 Super 120B is a large model. Smaller Nemotron variants or other Ollama-compatible models work well on consumer hardware within the RAM requirements above.

Option B: Cloud Inference via NVIDIA Endpoint API

NVIDIA's Endpoint API gives you access to the full Nemotron model lineup, including Nemotron 3 Super 120B, without running the model locally. This is suitable when:

You don't have GPU hardware on-premises
You need the highest-capability Nemotron models
You want faster inference without local resource constraints

You'll need an NVIDIA developer account and API credentials to use this option.

Option C: Privacy Router (Mixed Mode)

NemoClaw's privacy router is one of its more practical enterprise features. It lets you define rules that determine whether a given request goes to a local model or a cloud model based on content classification. For example: internal business data stays local, general queries can use cloud inference.

Security Architecture

NemoClaw uses NVIDIA's OpenShell runtime to provide sandboxed execution. The security model is built on four policy-controlled layers:

Network layer: Controls which external endpoints the agent runtime can reach, enforced via Linux network namespaces (netns)
Filesystem layer: Restricts which directories the agent can read from and write to, enforced via Landlock
Process layer: Limits system call access using seccomp filters
Inference layer: Applies policy controls on model inputs and outputs — content filtering, data classification, and routing decisions

These aren't optional add-ons — they're the default execution model. Every agent workload in NemoClaw runs inside the OpenShell sandbox. You configure the policies; the runtime enforces them.

Policy Presets

Rather than writing security policies from scratch, NemoClaw ships with ready-made policy presets for common deployment scenarios:

discord — appropriate permissions for a Discord bot agent
slack — Slack workspace agent policy
telegram — Telegram bot policy
npm — safe defaults for agents that interact with npm registries
pypi — Python package ecosystem policy
docker — Docker API access controls

To apply a policy preset during configuration, select the preset that matches your deployment. Presets can be stacked and customized — you're not locked into using them exactly as shipped.

NemoClaw and OpenClaw

NemoClaw is designed to work alongside OpenClaw, NVIDIA's open-source AI agent framework. In a typical setup:

OpenClaw handles agent orchestration, channel integrations (WhatsApp, Discord, Telegram), memory, and task scheduling
NemoClaw provides the secure inference layer, model access, and policy enforcement that enterprises need

Together, they form a complete AI agent stack — OpenClaw manages what the agent does, NemoClaw controls how it does it securely. If you're already running OpenClaw agents and want to add Nemotron model support with enterprise security controls, NemoClaw is the recommended upgrade path.

License: NemoClaw is released under the Apache 2.0 license. You can use, modify, and deploy it commercially. The NVIDIA Nemotron models themselves may have separate licensing terms — check the model cards for specifics.

Known Limitations (Alpha)

As of March 16, 2026, NemoClaw is in alpha. A few things worth knowing before you deploy:

The API surface may change between releases
Not all policy preset combinations have been fully validated
Production hardening and performance tuning is ongoing
Community support channels are still being established

If you're evaluating NemoClaw for an enterprise deployment, plan for these constraints and factor in the time required to stay current with upstream changes.

Who Should Use NemoClaw?

NemoClaw is a good fit if you're:

A development team wanting to run NVIDIA Nemotron models in a managed, policy-controlled environment
A business that needs provable security controls around AI agent behavior
An IT team deploying OpenClaw agents and wanting enterprise-grade sandboxing
An organization with data privacy requirements that rule out sending all queries to external APIs

It's a heavier stack than a minimal OpenClaw install — the security infrastructure and Docker dependencies add setup overhead. For teams without dedicated DevOps capacity, the managed setup route may be more practical.