Commands#

The nemoclaw CLI is the primary interface for managing NemoClaw sandboxes. It is installed when you run npm install -g nemoclaw.

`/nemoclaw` Slash Command#

The /nemoclaw slash command is available inside the OpenClaw chat interface for quick actions:

Subcommand	Description
`/nemoclaw`	Show slash-command help and host CLI pointers
`/nemoclaw status`	Show sandbox and inference state
`/nemoclaw onboard`	Show onboarding status and reconfiguration guidance
`/nemoclaw eject`	Show rollback instructions for returning to the host installation

Standalone Host Commands#

The nemoclaw binary handles host-side operations that run outside the OpenClaw plugin context.

`nemoclaw help`, `nemoclaw --help`, `nemoclaw -h`#

Show the top-level usage summary and command groups. Running nemoclaw with no arguments shows the same help output.

$ nemoclaw help

`nemoclaw --version`, `nemoclaw -v`#

Print the installed NemoClaw CLI version.

$ nemoclaw --version

`nemoclaw onboard`#

Run the interactive setup wizard (recommended for new installs). The wizard creates an OpenShell gateway, registers inference providers, builds the sandbox image, and creates the sandbox. Use this command for new installs and for recreating a sandbox after changes to policy or configuration.

$ nemoclaw onboard

The wizard prompts for a provider first, then collects the provider credential if needed. Supported non-experimental choices include NVIDIA Endpoints, OpenAI, Anthropic, Google Gemini, and compatible OpenAI or Anthropic endpoints. Credentials are stored in ~/.nemoclaw/credentials.json. The legacy nemoclaw setup command is deprecated; use nemoclaw onboard instead.

If you enable Brave Search during onboarding, NemoClaw currently stores the Brave API key in the sandbox’s OpenClaw configuration. That means the OpenClaw agent can read the key. NemoClaw explores an OpenShell-hosted credential path first, but the current OpenClaw Brave runtime does not consume that path end to end yet. Treat Brave Search as an explicit opt-in and use a dedicated low-privilege Brave key.

For non-interactive onboarding, you must explicitly accept the third-party software notice:

$ nemoclaw onboard --non-interactive --yes-i-accept-third-party-software

or:

$ NEMOCLAW_ACCEPT_THIRD_PARTY_SOFTWARE=1 nemoclaw onboard --non-interactive

To enable Brave Search in non-interactive mode, set:

$ BRAVE_API_KEY=... \
  nemoclaw onboard --non-interactive

BRAVE_API_KEY enables Brave Search in non-interactive mode and also enables web_fetch.

The wizard prompts for a sandbox name. Names must follow RFC 1123 subdomain rules: lowercase alphanumeric characters and hyphens only, and must start and end with an alphanumeric character. Uppercase letters are automatically lowercased.

Before creating the gateway, the wizard runs preflight checks. It verifies that Docker is reachable, warns on unsupported runtimes such as Podman, and prints host remediation guidance when prerequisites are missing.

`nemoclaw list`#

List all registered sandboxes with their model, provider, and policy presets.

$ nemoclaw list

`nemoclaw deploy`#

Warning

The nemoclaw deploy command is deprecated. Prefer provisioning the remote host separately, then running the standard NemoClaw installer and nemoclaw onboard on that host.

Deploy NemoClaw to a remote GPU instance through Brev. This command remains as a compatibility wrapper for the older Brev-specific bootstrap flow.

$ nemoclaw deploy <instance-name>

`nemoclaw <name> connect`#

Connect to a sandbox by name.

$ nemoclaw my-assistant connect

`nemoclaw <name> status`#

Show sandbox status, health, and inference configuration.

$ nemoclaw my-assistant status

`nemoclaw <name> logs`#

View sandbox logs. Use --follow to stream output in real time.

$ nemoclaw my-assistant logs [--follow]

`nemoclaw <name> destroy`#

Stop the NIM container and delete the sandbox. This removes the sandbox from the registry.

Warning

Destroying a sandbox permanently deletes all files inside it, including workspace files (SOUL.md, USER.md, IDENTITY.md, AGENTS.md, MEMORY.md, and daily memory notes). Back up your workspace first by following the instructions at Back Up and Restore.

$ nemoclaw my-assistant destroy

`nemoclaw <name> policy-add`#

Add a policy preset to a sandbox. Presets extend the baseline network policy with additional endpoints.

$ nemoclaw my-assistant policy-add

`nemoclaw <name> policy-list`#

List available policy presets and show which ones are applied to the sandbox.

$ nemoclaw my-assistant policy-list

`openshell term`#

Open the OpenShell TUI to monitor sandbox activity and approve network egress requests. Run this on the host where the sandbox is running.

$ openshell term

For a remote Brev instance, SSH to the instance and run openshell term there, or use a port-forward to the gateway.

`nemoclaw start`#

Start auxiliary services, such as the Telegram bridge and cloudflared tunnel.

$ nemoclaw start

Requires TELEGRAM_BOT_TOKEN for the Telegram bridge.

`nemoclaw stop`#

Stop all auxiliary services.

$ nemoclaw stop

`nemoclaw status`#

Show the sandbox list and the status of auxiliary services.

$ nemoclaw status

`nemoclaw setup-spark`#

Warning

The nemoclaw setup-spark command is deprecated. Use the standard installer and run nemoclaw onboard instead, because current OpenShell releases handle the older DGX Spark cgroup behavior.

This command remains as a compatibility alias to nemoclaw onboard.

$ nemoclaw setup-spark

`nemoclaw debug`#

Collect diagnostics for bug reports. Gathers system info, Docker state, gateway logs, and sandbox status into a summary or tarball. Use --sandbox <name> to target a specific sandbox, --quick for a smaller snapshot, or --output <path> to save a tarball that you can attach to an issue.

$ nemoclaw debug [--quick] [--sandbox NAME] [--output PATH]

Flag	Description
`--quick`	Collect minimal diagnostics only
`--sandbox NAME`	Target a specific sandbox (default: auto-detect)
`--output PATH`	Write diagnostics tarball to the given path

`nemoclaw uninstall`#

Run uninstall.sh to remove NemoClaw sandboxes, gateway resources, related images and containers, and local state. The CLI uses the local uninstall.sh first and falls back to the hosted script if the local file is unavailable.

Flag	Effect
`--yes`	Skip the confirmation prompt
`--keep-openshell`	Leave the `openshell` binary installed
`--delete-models`	Also remove NemoClaw-pulled Ollama models

$ nemoclaw uninstall [--yes] [--keep-openshell] [--delete-models]

Legacy `nemoclaw setup`#

Deprecated. Use nemoclaw onboard instead. Running nemoclaw setup now delegates directly to nemoclaw onboard.

$ nemoclaw setup

Commands#

/nemoclaw Slash Command#

Standalone Host Commands#

nemoclaw help, nemoclaw --help, nemoclaw -h#

nemoclaw --version, nemoclaw -v#

nemoclaw onboard#

nemoclaw list#

nemoclaw deploy#

nemoclaw <name> connect#

nemoclaw <name> status#

nemoclaw <name> logs#

nemoclaw <name> destroy#

nemoclaw <name> policy-add#

nemoclaw <name> policy-list#

openshell term#

nemoclaw start#

nemoclaw stop#

nemoclaw status#

nemoclaw setup-spark#

nemoclaw debug#

nemoclaw uninstall#

Legacy nemoclaw setup#

`/nemoclaw` Slash Command#

`nemoclaw help`, `nemoclaw --help`, `nemoclaw -h`#

`nemoclaw --version`, `nemoclaw -v`#

`nemoclaw onboard`#

`nemoclaw list`#

`nemoclaw deploy`#

`nemoclaw <name> connect`#

`nemoclaw <name> status`#

`nemoclaw <name> logs`#

`nemoclaw <name> destroy`#

`nemoclaw <name> policy-add`#

`nemoclaw <name> policy-list`#

`openshell term`#

`nemoclaw start`#

`nemoclaw stop`#

`nemoclaw status`#

`nemoclaw setup-spark`#

`nemoclaw debug`#

`nemoclaw uninstall`#

Legacy `nemoclaw setup`#