This is NVIDIA's TypeScript CLI for running OpenClaw AI assistants inside policy-enforced sandboxes via OpenShell. It handles the full stack: spins up isolated containers with Landlock and seccomp, routes all inference through NVIDIA's Nemotron models on their cloud, and lets you declaratively lock down network egress, filesystem access, and syscalls. You'd use this if you're deploying always-on agents and need real isolation beyond Docker alone. The onboarding wizard and hot-reloadable policies are nice touches, though it's alpha so expect churn. The TypeScript SDK is cleaner than I expected for infrastructure tooling. Requires Ubuntu 22.04+, Docker, and an NVIDIA API key from build.nvidia.com.
npx skills add https://github.com/aradotso/trending-skills --skill nvidia-nemoclaw