Nvidia NemoClaw

github.com

・

156 points

・

hmokiguess

・

5 hours ago

125 comments

Netcob ・ 2 hours ago

Am I missing something? Why is everyone talking about sandboxes when it comes to OpenClaw?

To me it's like giving your dog a stack of important documents, then being worried he might eat them, so you put the dog in a crate, together with the documents.

I thought the whole problem with that idea was that in order for the agent to be useful, you have to connect it to your calendar, your e-mail provider and other services so it can do stuff on your behalf, but also creating chaos and destruction.

And now, what, having inference done by Nvidia directly makes it better? Does their hardware prevent an AI from deleting all my emails?

Someone1234 ・ 2 hours ago

I think the point you're making is fully correct, so consider this a devil's advocate argument...
People claim, you can use Claw-agents more safely while getting some of the benefits, by essentially proxying your services. For example on Gmail people are creating a new Google accounts, forwarding email via rule, and adding access to their calendar via Google's Family Sharing. This allows the Claw agent to read email, access the calendar, but even if you ask it to send an email it can only send as the proxy account, and it can only create calendar appointments then add you as an attendee rather than destroy/altering appointments you've made.
Is the juice worth the squeeze after all that? That's where I struggle. I think insecure/dangerous Claw-agents could be useful but cannot be made safe (for the logical fallacy you pointed out), and secure Claw-agents are only barely useful. Which feels like the whole idea gets squished.
- jychang ・ 26 minutes ago
  
  We already have this concept. It’s called user accounts.
  Your Gmail account vs my Gmail account. Your macOS account vs my macOS account.
  Yes, I can spam you from my Gmail. Yes, I can use sudo on my Mac and damage your account. But the impact is by default limited.
  The answer is to just treat assistants as a different user profile, use the same sharing mechanisms already developed (calendar sharing, etc), and call it a day.
stavros ・ 9 minutes ago

Because it's so useful to me that I'm willing to accept the risk of it having access to the thing it needs for the benefit it provides. I'm not willing to accept the risk of it having access to things it doesn't need for no benefit.
Then again, I was wary of OpenClaw's unfettered access and made my own alternative (https://github.com/skorokithakis/stavrobot) with a focus on "all the access it needs, and no more".
hmokiguess ・ 2 hours ago

Yes, although what I think is different in this setup here is the OpenShell gateway override, as they mention:
> NemoClaw installs the NVIDIA OpenShell runtime and Nemotron models, then uses a versioned blueprint to create a sandboxed environment where every network request, file access, and inference call is governed by declarative policy. The nemoclaw CLI orchestrates the full stack: OpenShell gateway, sandbox, inference provider, and network policy.
I think this means you get a true proxy layer with a network gateway that let's you stop in-flight requests with policies you define, so it's not their hardware but the combination of it plus OpenShell gateway and network policies.
I also think the reason they are doing this is to try and get some moat around these one-clik deployments and leverage their GPU for rent type of thing instead of having you go buy a mac mini and learn "scary" stuff (remember, the user market here is pretty strange lol)
- hardsnow ・ an hour ago
  
  OpenShell is the gem here indeed. A lot of good ideas like network sandbox that does TLS decryption and use of policy engine to set the rules. However:
  > Credentials never leak into the sandbox filesystem; they are injected as environment variables at runtime.
  If anyone from the team is reading - you should copy surrogate credentials approach from here to secure the credentials further: https://github.com/airutorg/airut/blob/main/doc/network-sand...
hector_vasquez ・ an hour ago

> Am I missing something?
You are indeed missing a TON. A lot of Open Claw users don't give it everything. We give it specific access to a group of things it needs to do the things we want. If I want an agent to sit there 24/7 maximizing uptime of my service, I give it access to certain data, the GitHub repo with PR privileges, and maybe even permissions to restart the service. All of this has to be very thoughtful and intentional. The idea that the only "useful" way to use Open Claw is to give it everything is a straw man.
madeofpalk ・ 2 hours ago

I'm putting my dog in his crate with all my important documents, but leaving my fine china tableware in the cupboard away from the dog.
- robotswantdata ・ an hour ago
  
  Then one day forgetting to close the door of the crate…..
  
  linhns ・ 42 minutes ago
  
  But the dog is so used to the crate…
- saidnooneever ・ 2 hours ago
  
  and then tie a tiny string from the china to a thing inside the cage because it seemed handy at the time...
cmiles74 ・ 2 hours ago

Agreed. I think the "simplifies running OpenClaw always-on assistants safely" bit is pretty misleading. I suppose it can wreak less havoc on your local file system but, as you point out, it's access to your account credentials (Slack, email, Amazon?, etc.) that is the real danger.
nurettin ・ 9 minutes ago

> being worried he might eat them, so you put the dog in a crate, together with the documents.
Maybe you don't want the dog to shit all over the place after eating said documents, so you put it in a crate.
rajeshrajappan ・ 2 hours ago

You don't need to connect your calendar, email, or anything else. I am having so much fun talking to it bouncing ideas and pushing code/markdown files to GitHub (totally separate account I created for OpenClaw). On the other hand I don't have a crazy life that everything needs to be in the calendar.
empiricus ・ 2 hours ago

you put the dog in crate with a COPY of your documents.
- thenthenthen ・ 2 hours ago
  
  Make it two copies!
rodchalski ・ 2 hours ago

[dead]
sayYayToLife ・ an hour ago

[dead]

jesse_dot_id ・ an hour ago

The fully autonomous agentic ecosystem makes me feel a little crazy — like all common sense has escaped. It feels like there is a lot of engineering effort being exhausted to harden the engine room on the Titanic against flooding. It's going to look really secure... buried in debris at the bottom of the ocean.

When a state sponsored threat actor discovers a zero day prompt injection attack, it will not matter how isolated your *Claw is, because like any other assistant, they are only useful when they have access to your life. The access is the glaring threat surface that cannot be remediated — not the software or the server it's running on.

This is the computing equivalent of practicing free love in the late 80's without a condom. It looks really fun from a distance and it's probably really fun in the moment, but y'all are out of your minds.

burningChrome ・ 40 minutes ago

Free love was the 60's and 70's followed by the sex, drugs and rock n' roll 80's. Once AIDS and drug addiction hit, the party was over.
I think your analogy is still accurate, I'm just wondering when the AIDS, the drug overdoses and addiction phase of AI will finally hit.
hypfer ・ an hour ago

Well, at least we share the same world as these people, meaning that we too will experience the consequences of their actions.
Isn't that a nice perspective
sailfast ・ 24 minutes ago

Eh… Titanic did flood in the engine rooms so… might work?
That humor aside: I think it’s about risk tolerance, and you configure accordingly.
You lock it down as much as you need to still do the things you want, and look for good outcomes, and shut it down if things get too risky.
You practice free love, but with protection. Probably still fun?
Big difference between running a bot with fairly narrow scopes inside a network available via secure chat that compounds its usefulness over time, and granting full admin with all your logins and a bank account. Lots of usefulness in the middle.
sayYayToLife ・ an hour ago

[dead]

frenchie4111 ・ 4 hours ago

I found this part interesting: "Inference requests from the agent never leave the sandbox directly. OpenShell intercepts every call and routes it to the NVIDIA cloud provider."

Seems like they are doing this to become the default compute provider for the easiest way to set up OpenClaw. If it works out, it could drive a decent amount of consumer inference revenue their way

amelius ・ 4 hours ago

s/revenue/data/
cactusplant7374 ・ 4 hours ago

Secure installation isn't the main problem with OpenClaw. This project doesn't seem to be solving a real problem. Of course the real problem is giving an LLM access to everything and hoping for the best.
- blizdiddy ・ 4 hours ago
  
  Running OpenClaw is the nerd equivalent of rolling coal
  
  PurpleRamen ・ 3 hours ago
  ・ 2 more
  
  OpenClaw can be useful, in theory, unlike rolling coal. OpenClaw is what people always hoped Siri, Alexa and/or Google Assistant would be, and now it's really here. It may be expensive, has a chance to become your local Skynet and might randomly delete or leak everything that's valuable for you..but I guess this counts as growing pains.
  
  recursive ・ 3 hours ago
  
  Rolling coal can be useful in theory, for pissing people off. As intended.
  
  jsolson ・ 4 hours ago
  ・ 26 more
  
  I'm trying to put together what you could possibly mean by this -- rolling coal is fundamentally about spite. In isolation, nobody _wants_ their vehicle to spew black smoke. It only comes close to making sense in the context of another population (EV owners, typically, or more generally "the libs").
  OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
  What do the two have in common?
  
  bigfishrunning ・ 4 hours ago
  ・ 22 more
  
  > OpenClaw lets people live a bit dangerously, but fundamentally gives them something that they actually wanted. They wanted it so badly that they're willing to take what seem like insane risks to get it.
  For the first time in my career I feel so incredibly behind on this: What is open claw giving people that they want so badly? It just seems like Russian Roulette, I honestly don't see the upside
  
  ttsalami ・ 3 hours ago
  ・ 4 more
  
  I can give you, as an example, what is driving me towards trying it.
  I work as a contractor for 2 companies, not out of necessity, but greed. I also have a personal project with a friend that is dangerously close to becoming a business that needs attention. I also have other responsibilities and believe it or not - friends. Also the ADHD on top of that.
  I yearn for a personal assistant. Something or somebody that will read the latest ticket assigned to me, the email with project feedback, the message from my best friend that I haven't replied for the last 3 days and remind me: "you should do this, it's going to take 5 minutes", "you have to do this today, because tomorrow you are swamped" or "you should probably start X by doing Y".
  I have tried so many systems of managing my schedule and I can never stick with it. I have a feeling that having a bot "reach out", but also be able to do "reasoning" over my pending things would be a game changer.
  But yes, the russian roulette part is holding me back. I am taking suggestions though
  
  sigbottle ・ 3 hours ago
  ・ 3 more
  
  How much would a real personal assistant cost?
  
  cheema33 ・ 2 hours ago
  
  > How much would a real personal assistant cost?
  A lot. And wouldn't be as good or fast. I am speaking from experience.
  
  sayYayToLife ・ an hour ago
  
  [dead]
  
  BeetleB ・ 3 hours ago
  ・ 12 more
  
  Like with any new tool/technology, you have to try it. And even then the benefits won't be obvious to you until you've played with it for a few days/weeks. With LLMs in general, it took me months before I found real good use cases.
  Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
  The real problem is that it is fairly unreliable. It would often ping me even when the information had not shown up.
  Another example: I'm particular about the weather related information I want, and so far have not found any app that has everything. I got sick of going to a particular web site, clicking on things, to get this information. So I created a Skill to get what I need, and now I just ask for it (verbally), and I get it.
  As the GP said. This is what Siri etc should have been.
  
  bigfishrunning ・ 3 hours ago
  ・ 11 more
  
  > Simple example: I tell (with my voice) my OpenClaw instance to monitor a given web site daily and ping me whenever a key piece of information shows up there.
  Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent. It seems I spend the security cost here, and in return i can save 15 minutes writing a script. Juice doesn't seem to be worth the squeeze.
  
  post-it ・ 3 hours ago
  ・ 3 more
  
  But they don't just want the text of the website pushed as a notification every day. They want the bot to load the site, likely perform some kind of interaction, decide if the thing they're looking for is there, and then notify them.
  
  dolebirchwood ・ 2 hours ago
  ・ 2 more
  
  All of which can already be done programmatically without OpenClaw.
  
  post-it ・ an hour ago
  
  Not with a single prompt.
  
  BeetleB ・ 3 hours ago
  ・ 7 more
  
  > Maybe i'm just old -- a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
  Here's a concrete example: A web site showing after school activities for my kid's school. All the current ones end in March, and we were notified to keep a lookout for new activities.
  So I told my OpenClaw instance to monitor it and notify me ONLY if there are activities beginning in March/April.
  Now let's break down your suggestion:
  > a cron job can fetch the info and push it to some notification service too, without also being a chaos agent.
  How exactly is this going to know if the activity begins in March/April? And which notification service? How will it talk to it?
  Sounds like you're suggesting writing a script and putting it in a cron job. Am I going to do that every time such a task comes up? Do I need to parse the HTML each time to figure out the exact locators, etc? I've done that once or twice in the past. It works, but there is always a mental burden on working out all those details. So I typically don't do it. For something like this, I wouldn't have bothered - I would have just checked the site every few days manually.
  Here: You have 15 minutes. Go write that script and test it. Will you bother? I didn't think so. But with OpenClaw, it's no effort.
  Oh, and I need to by physically near my computer to write the script.
  Now the OpenClaw approach:
  I tell it to do this while on a grocery errand. Or while in the office. I don't need to be home.
  It's a 4 step process:
  "Hey, can you go to the site and give me all the afterschool activities and their start dates?"
  <Confirm it does that>
  "Hey, write a skill that does that, and notifies me if the start date is ..."
  "Hey, let's test the skill out manually"
  <Confirm skill works>
  "Hey, schedule a check every 10:30am"
  And we're done.
  I don't do this all at once. I can ask it to do the first thing, and forget about it for an hour or two, and then come back and continue.
  There are a zillion scripts I could write to make my life easier that I'm not writing. The benefit of OpenClaw is that it now is writing them for me. 15 minutes * 1 zillion is a lot of time I've saved.
  But as I said: Currently unreliable.
  
  jwilber ・ 2 hours ago
  ・ 6 more
  
  I agree with the sentiment that there are use cases for web scraping where an agent is preferable to a cron job, but I think your particular example can certainly be achieved with a cron job and a basic parser script. Just have Claude write it.
  
  BeetleB ・ 2 hours ago
  ・ 5 more
  
  I didn't say it's not doable. I'm not even saying it's hard. But nothing beats telling Claw to do it for me while I'm in the middle of groceries.
  Put another way: If it can do it (reliably), why on Earth would I babysit Claude to write it?
  The whole point is this: When AI coding became a thing, many folks rediscovered the joy of programming, because now they could use Claude to code up stuff they wouldn't have bothered to. The barrier to entry went down. OpenClaw is simply that taken to the next level.
  And as an aside, let's just dispense with parsing altogether! If I were writing this as a script, I would simply fetch the text of the page, and have the script send it to an LLM instead of parsing. Why worry about parsing bugs on a one-off script?
  
  Kye ・ 2 hours ago
  ・ 4 more
  
  Scripts fail. Agents exfiltrate your data because someone hacked the school's website with prompt injections. Make sure it's a choice and not ignorance of the risks.
  
  BeetleB ・ 40 minutes ago
  ・ 3 more
  
  > Scripts fail.
  Which is totally fine for the majority of tasks.
  > Agents exfiltrate your data
  They can only exfiltrate the data you give them. What's the worst that prompt injection attack will give them?
  
  Kye ・ 11 minutes ago
  ・ 2 more
  
  Container security is an entire subfield of infosec. For example: https://github.com/advisories/GHSA-w235-x559-36mg
  People on both sides are just getting started finding all the ways to abuse or protect you from security assumptions with these tools. RSS is the right tool for this problem and I would be surprised if their CMS doesn't produce a feed on its own.
  
  BeetleB ・ 6 minutes ago
  
  I don't use a container. I use a VM.
  I'm not totally naive. I had the VM fairly hardened originally, but it proved to be inconvenient. I relaxed it so that processes on the VM can see other devices on the network.
  There's definitely some risk to that.
  
  hadlock ・ 3 hours ago
  ・ 2 more
  
  OpenClaw has a persistent memory, stored to disk, and an efficient way of accessing it. ChatGPT and Claude both added a rudimentary "memory" feature in March but it's nowhwere as extensible or vendor neutral.
  
  KeplerBoy ・ 2 hours ago
  
  ChatGPT had memory for a long time. Claude also had it for quite some time for paying customers.
  
  elonisaass ・ 2 hours ago
  
  A real smart / ai agent doing thinks for you by Delegation.
  Like the Star Trek computer
  
  phil21 ・ 3 hours ago
  
  A personal assistant of some sort that is actually useful at some stuff and not just a toy?
  It’s not some huge life changing thing for me, but I also only dabble with it - certainly it has no access to anything very important to my life.
  I find it incredibly useful to just have a chat line open with a little agent running on a tiny computer on my IoT network at home I can ask to do basic chores.
  Last night I realized I forgot to set the permanent holiday lights to “obnoxious st parties day animation” at around 9pm. It was basically the effect of “hey siri, please talk to the front house wled controller and set an appropriate very colorful theme for the current holiday until morning” while I drove to pick my wife up from a friends house.
  Without such a quick off-handed ability to get that done, there was zero chance I was coming home 20 minutes later, remembering I should do that, spending 10 minutes googling an appropriate preset lighting theme someone already came up with, grabbing laptop, and clicking a half dozen buttons to get that done.
  Trivial use case? Yup. But those trivial things add up for a measurable quality of life difference to me.
  I’m sure there are better and cleaner ways to achieve similar - but it’s a very fast on-ramp into getting something from zero to useful without needing to learn all this stuff from the ground up. Every time I think of something around that complexity level I go “ugh. I’ll get to it at some point” but if I spend 15 minutes with openclaw I can usually have a decent tool that is “good enough” for future use to get related things done for the future.
  It’s done far more complex development/devops “lab” stuff for me that at least proved some concepts for work later. I’ll throw away the output, but these are items that would have been put off indefinitely due to activation energy because the basics are trivial but annoyingly time consuming. Spin up a few VMs, configure basic networking, install and configure the few open source tools I wanted to test out, create some simple glue code to mock out what I wanted to try out. That sort of thing. Basically stuff I would have a personal intern do if I could afford one.
  For now it’s basically doing my IT chores for me. The other night I had it finally get around to setting up some dashboards and Prometheus monitoring for some various sensors and WiFi stuff around the house. Useful when I need it, but not something I ever got around to doing myself for the past 7 years since I moved in. Knocking out that todo list is pretty nice!
  The risk is pretty moderate for me. Worst case it deletes configs or bricks something it has access to and I need to roll back from backups it does not have permissions to even know exist, much less modify. It certainly has zero access to personal email, real production environments, or anything like that.
  
  Kye ・ 3 hours ago
  
  It increasingly seems like most people make a different decision after thinking through the security implications of something like this. This is me being charitable.
  
  sam-cop-vimes ・ 4 hours ago
  
  It is possible that they don't understand the risks involved, but yes, it certainly is tapping into unmet need.
  
  frantathefranta ・ 3 hours ago
  
  > In isolation, nobody _wants_ their vehicle to spew black smoke.
  Honestly, when I was 12 years old and my dad floored the TDi in our Land Rover (with the diesel particulate filter deleted), it felt satisfying in a way, like the machine is allowed to be its most efficient self.
  Now that I'm adult, I know that it's marginal gains for the car and terrible for the environment, but there are people that have the thinking capability of a 12 year old driving these trucks. I don't think all of them do it because of spite (though I'm sure most do).
  
  croes ・ 3 hours ago
  
  And don’t care about them but they endanger third parties too.
  And many of them are people who should know better.
  Let’s make them 100% liable
- Iolaum ・ 4 hours ago
  
  While I don't have OpenClaw installed and not sure how I 'd use it I doubt all the hype around it is because it doesn't solve a real problem. The project grew to huge popularity organically!!!
  How can that happen if it doesn't serve a need people have?
  
  eru ・ 4 hours ago
  
  Compare NFTs. For them, it depends a bit on whether you see scratching a gambling itch as a real problem.
  
  tryauuum ・ 2 hours ago
  
  people are trying to run as fast as they can so that they are not left behind
  (I've never run openclaw but planning)
  
  g947o ・ 4 hours ago
  ・ 5 more
  
  Maybe let me ask this question:
  How is this any different from NFT?
  
  danielbln ・ an hour ago
  
  I'll ignore the bait and answer: NFTs were gambling in disguise, these claws are personal/household assistants, that proactively perform various tasks and can be genuinely useful. The security problem is very much unsolved, but comparing them to NFTs is just willfully ignorant at best
  
  PurpleRamen ・ 4 hours ago
  ・ 3 more
  
  NFTs can't delete your mails.
  
  CamperBob2 ・ 3 hours ago
  ・ 2 more
  
  "And that's why we've created MailCoin, the best way to perform stochastic mailbox ablation with with the latest, hottest blockchain technology." - from Show HN, March 20, 2026
  
  ElFitz ・ 2 hours ago
  
  Now with NFTs and pixel art, memorialising each and every one of your deleted emails in a unique and non-fungible way.
  …
  …
  Now I actually want to make it, and build a "card trading game" on top of it.

rcr-anti ・ 2 hours ago

If you look at the commit history, they started work on this the Saturday before announcement, so about 2 days. There are references to design docs so it was in the works for some amount of time, but the implementation was from scratch (unless they falsified the timestamps for some reason).

chill_ai_guy ・ 2 hours ago

Lol you think these github repos just materialize as is? They probably did all the iteration and development internally and then ported it over to a github repo and made it public afterwards
- mjr00 ・ an hour ago
  
  No they didn't. You can see all the commits as this was built iteratively[0]. This project started development on Saturday morning and now it's here.
  This is pretty common now, people love to rapidly throw together stuff and show it off a few days later. The only thing different about this from your average Show HN sloppa is that it's living under the NVIDIA Github org, though that also has 700+ repositories[1] in it so they don't appear too discerning about what makes it into the official repo.
  My best guess is this was an internal hackathon project they wanted to release publicly.
  [0] https://github.com/NVIDIA/NemoClaw/commits/main/?after=241ff...
  [1] https://github.com/orgs/NVIDIA/repositories?type=all
  
  elif ・ an hour ago
  ・ 2 more
  
  Sorry to be the one to inform you that we edit history in git.
  There has been reporting on nemoclaw for the last couple weeks. Are you supposing that journalists were writing about software that hadn't even been designed?
  
  mjr00 ・ an hour ago
  
  > Sorry to be the one to inform you that we edit history in git.
  Who is "we"? Do you work for NVidia?
  > There has been reporting on nemoclaw for the last couple weeks.
  The earliest reporting I've seen was yesterday. Can you link something from prior to March 14?
  edit: I did find some articles from before March 14[0] which says NVidia was "prepping" this. Which is extremely funny, because it means they were hyping up software which hadn't even started being written yet. The AI bubble truly does not stop delivering.
  > Are you supposing that journalists were writing about software that hadn't even been designed?
  If you think journalists writing about things that will never exist is new, welcome to the real world. There's a whole term for it.[1]
  [0] https://fudzilla.com/nvidia-opens-the-gates-with-nemoclaw/
  [1] https://en.wikipedia.org/wiki/Vaporware
  
  hypfer ・ an hour ago
  
  Cash in on the claw brand recognition by having "claw, but Nvidia".
  And, to be fair to them, it works. It sticks. It gets the desired reactions.
IncreasePosts ・ an hour ago

That's what I didn't understand about the acquisitions/partnerships that came out of the various claws. It's a fairly simple concept, and people were doing it before this but it just wasn't a meme. With AI you can easily build a claw in a weekend with maybe a hundred bucks worth of tokens. How do I know?

dmje ・ an hour ago

I think the whole thing is batshit, honestly.

Much as I love using Claude or whatever to help me write some code, it's under some level of oversight, with me as human checking stuff hasn't been changed in some weirdly strange way. As we all know by now, this can be 1. Just weird because the AI slept funny and suddenly decided to do Thing It Has Been Doing Consistently A Totally Different Way Today or 2. Weird because it's plain wrong and a terrible implementation of whatever it was you asked for

It seems blindingly, blindingly obvious to me that EVEN IF I had the MOST TRUSTED secretary that had been with me for 10 years, I'd STILL want to have some input into the content they were interacting with and pushing out into the world with my name on.

The entire "claw" thing seems to be some bizarre "finger in ears, pretend it's all fine" thing where people just haven't thought in the slightest about what is actually going on here. It's incredibly obvious to me that giving unfettered access to your email or calendar or mobile or whatever is a security disaster, no matter what "security context" you pretend it's wrapped up in. A proxy email account is still sending email on your behalf, a proxy calendar is still organising things on your calendar. The irony is that for this thing to be useful, it's got to be ...useful - which means it has at some level to have pretty full access to your stuff.

And... that's a hard no from me, at least right now given what we all know about the state of current agents.

Plus... I'm just not sure of the upside. Am I seriously that busy that I need something to "organise my day" for me? Not really.

elif ・ an hour ago

Then give your agent its own name, its own accounts, and let it push things out without your name.

islandfox100 ・ an hour ago

I'm still extremely skeptical on Claws as a genre, and especially more skeptical of a claw that's always reporting home. What's the use case for a closed claw?

TeeWEE ・ 2 hours ago

I think nanoclaw is architecturaly much better suited to solve this problem.

CrzyLngPwd ・ an hour ago

Gotta say, that I feel kind of sad for the people that feel the need for these claw things.

Are they so busy with their lives that they need an assistant, or do they waste their lives speaking to it like it is a human, and then doomscrolling on some addictive site instead of attending to their lives in the real world?

sailfast ・ 20 minutes ago

It’s not a need - it’s a fun new thing - fun to see what’s possible and how it helps.
OpenClaw is not easy to set up or user friendly for most (BlueBubbles and Claw had an annoying bug recently) - but the way I have seen it work well requires an up front time investment and then interest compounds RAPIDLY to help manage things and be more productive.
My guess is maybe you’ve never had an assistant or tried a Claw instance? I’ve never had a human assistant but man I’ve had folks that took silly things off my plate and it’s worth it.
rsoto2 ・ 32 minutes ago

It is sad, psychosis from exec-up has trickled down so people really want these tools to work yet these tools are so bad that people in this thread are recommending you create a second email so your openclaw can suggest events to you without being able to delete them.
It's like having to hire a second maid to watch your maid that steals constantly instead of vacuuming yourself in 10 mins.

here2learnstuff ・ 4 hours ago

It’s impressive someone early in their career shipped this. There seems to be a stark increase in high-quality AI/data projects from early-career engineers lately and I'm super curious what’s driving that (and honestly speaking: a little jealous).

cj ・ 3 hours ago

Sometimes experience (or more so the wisdom you've accumulated over a long career) creates mental blocks / preconceptions about risks or problems you foresee, which makes it harder to approach big scary problems if you're able to anticipate all of the challenges you're likely to hit.
Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
The most meaningful technical advances I've personally seen always started out as "let's just do it, it will only take a weekend" and then 2 years later, you find yourself with a finished product. (If you knew it would take 2 years from the start, you might have never bothered)
Naivety isn't always a bad thing.
- stuxnet79 ・ 3 hours ago
  
  > Compare that to a smart engineer who doesn't have that wisdom: those people might have an easier time jumping in to difficult problems without the mental burden of knowing all of the problems upfront.
  My favorite story in CS related to this is how Huffman Coding came to be [1]
  [1] https://en.wikipedia.org/wiki/Huffman_coding#History
- austinthetaco ・ 3 hours ago
  
  This is so incredibly accurate. I see all these side projects people are spinning up and can't help but think "Sure it might work at first but the first time i have to integrate it with something else i'll have to spend a week trying to get them to work. Hell that'll probably require an annoying rewrite and its not even worth what I get out of it"
- undefined ・ 3 hours ago
  
  [deleted]
embedding-shape ・ 4 hours ago

There are four "people" that contributes (https://github.com/NVIDIA/NemoClaw/graphs/contributors) judging by the git commits and the GitHub authors, none of them seem to be novices at programming, what made you write what you wrote here?
- Panda4 ・ 3 hours ago
  
  I think he's talking about the original claw, Open Claw
  
  terhechte ・ 3 hours ago
  
  How is Peter "early in their career"? When he sold PSPDFKit for 100mio in 2020 he had been working on it for 13 years, and before that he'd worked as an engineer.
  
  krzyk ・ 3 hours ago
  
  OpenClaw? The one started by a person that sold his previous company and got >$100M ? I wouldn't call him a novice either.
meindnoch ・ an hour ago

If you started your career more than ~2-3 years ago, you were trained on a completely different game. Clear abstractions, ownership, careful iteration, all that. That muscle memory is actively hindering you; preventing you from succeeding.
The people coming up now don't have that baggage. They never internalized "write the code yourself" as the default. They think in terms of spawning systems, letting things run, checking outcomes. It's way closer to managing a process than engineering in the traditional sense. And yeah, that shows up in what gets shipped. A 21-year-old will brute force 20 directions in parallel with agents and just pick what works. Someone more "experienced" will spend that same time trying to design the "right" approach up front. By the time they're done thinking, the other person has already iterated past them.
It's kind of unsettling is how basically all of these "senior instincts" are now liabilities. Caring about perfect structure, being allergic to randomness, needing to understand every layer before moving forward, etc. used to be strengths. Now they just slow you down.
You can already feel the split forming. Younger builders are comfortable letting systems do things they don't fully understand. Senior engineers keep trying to pull everything back into something legible and controlled, kneecapping themselves. That gap is not small.
What I'm seeing in my circle of founders and CEOs is that they're slowly laying off these older devs (cutoff age is around 24yrs) and replacing them with fresh, young talent, better suited for this new agentic era. From their reports the velocity gains are insane; and it compounds. Basically, these older folks are still doing polynomial thinking in an exponential landscape. They are dinosaurs slated for extinction.
- dragonwriter ・ 34 minutes ago
  
  Software development keeps going through YOLO->Engineering cycles, and the non-technical business folks are ALWAYS overindexing on the swing, in each direction, while the real pros are trying to navigate the new to find how to best leverage the power of new tooling without abandoning correctness while dealing with the expectations of people with power that far outstrips their comprehension of the domain.
jjmarr ・ 4 hours ago

A lot of senior engineering problems aren't gated by experience but by being trusted to coordinate large numbers of juniors.
Now that as a junior, I can spin up a team of AIs and delegate, I can tackle a bunch of senior level tasks if I'm good at coordination.
- austinthetaco ・ 3 hours ago
  
  I think this is a fundamentally flawed perspective on the role and experience of a senior. It's a managers role to coordinate junior engineers. The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
  
  jjmarr ・ 3 hours ago
  
  > It's a managers role to coordinate junior engineers.
  Due to AI this is now my job. My company is hiring less juniors, but the ones we do hire are given more scope and coordination responsibilities since otherwise we'd just be LLM wrappers.
  > The difference between junior and senior is knowing where and when to do what at an increasing scale as you gain experience.
  Many juniors believe they know what to do. And want to immediately take on yuge projects.
  e.g. I decided I want to rewrite my whole codebase in C++20 modules for compile time.
  Prior to AI, I wouldn't be given help for this refactor so it wouldn't happen.
  Now I just delegate to AI and convert my codebase to modules in just a few days!
  At that point I discovered Clang 18 wasn't really optimized for modules and they actually increased build time. If I had more experience I could've predicted using half-baked C++ features is a bad idea.
  That being said, every once in a while one of my stupid ideas actually pays off.
  e.g. I made a parallel AI agent code review workflow a few months ago back when everyone was doing single agent reviews. The seniors thought it was a dumb idea to reinvent the wheel when we had AI code review already, but it only took a day or two to make the prototype.
  Turns out reinventing the wheel was extremely effective for our team. It reduced mean time-to-merge by 20%!
  This was because we had too many rules (several hundred, due to cooperative multitasking) for traditional AI code reviewers. Parallel agents prevented the rules from overwhelming the context.
  But at the time, I just thought parallel agents were cool because I read the Gas Town blog and wasn't thinking about "do we have any unique circumstances that require us to build something internally?"
swalsh ・ 3 hours ago

Neurons that fire together, wire together. Your brain optimizes for your environment over time. As we get older, our brains are running in a more optimized way than when we're younger. That's why older hunters are more effective than younger hunters. They're finely tuned for their environment. It's an evolutionary advantage. But it also means that they're not firing in "novel" ways as much as the "kids". "kids" are more creative I think because their brains are still adopting, exploring novelty, neuron connections aren't as deeply tied together yet.
This is also maybe one of the biggest pitfalls as our society get's "older" with more old people, and less "kids". We need kids to force us to do things differently.
lelanthran ・ 3 hours ago

> It’s impressive someone early in their career shipped this.
Hang on, what's impressive about this?
dirkc ・ 3 hours ago

Not 100% sure this isn't sarcasm, but I'll bite.
For me (a non-early career dev) these projects terrify me. People build stuff that just seem like enormous liabilities relying on tools mostly controlled and gate kept by someone else. My intuition tells me something is off. I could be wrong about it all, but one thing I've learned over the years is that ignoring my intuition typically doesn't end well!
PurpleRamen ・ 3 hours ago

What is impressive about this project? It seems to be similar to other projects in that space.
otabdeveloper4 ・ an hour ago

OpenClaw is many things, but decidedly not "high-quality".
vonneumannstan ・ 3 hours ago

Should be obvious that its tools like Claude Code. If you are a junior dev not experienced in delivering entire products but with good ideas you have incredible leverage now...
bpavuk ・ 4 hours ago

because the floor is fucking insane for junior developers right now!!

elif ・ an hour ago

I kind of hope nemoclaw uptake and spark usage pushes ARM into the spotlight for LLM development, making it the primary release target rather than x86.

This could be the opening we need to wrangle a truly opensource-first ecosystem away from Microsoft and apple.

edf13 ・ an hour ago

jrmg ・ an hour ago

It’s amusing that ‘claw’ is sticking around as a term for these kind of things, when it was originally a pretty transparent attempt to avoid infringing on ‘Claude’…

nzoschke ・ an hour ago

We are in the wild wild west.

I’m looking for feedback, testing and possible security engineering contracts for the approach we are taking at Housecat.com.

The agent accesses everything through a centralized connections proxy. No direct API tokens or access.

This means we can apply additional policies and approval workflows and audit all access.

https://housecat.com/docs/v2/features/connection-hub

Some obvious ones are only grant read and draft permissions at all, and review and send drafts manually.

Some more clever ones are to only allow sending 5 messages a day, or enforcing soft delete patterns. This prevents accidentally spamming everyone or deleting things.

Next up is giving the agent “wrapped” and down scoped tokens you do want to equip it with the ability to do direct API calls. But these still go through the proxy that enforces the policies too.

quantium1628 ・ 2 hours ago

counterpoint: this assumes everyone has the same constraints. not always true

the_real_cher ・ 4 hours ago

what about just using an unprivileged container and mounting a host folder to run open claw?

tucaz ・ 4 hours ago

OpenClaw is so bad with Docker. I spent hours on it and hit road block after road block trying to get the most basic things working.
The last one was inability to install dependencies on the docker container to enable plugins. The existing scripts and instructions don’t work (at least I couldn’t get them to work. Maybe a me problem).
So I gave up and moved on. What was supposed to be a helpful assistant became a nightmare.
- k_bx ・ 4 hours ago
  
  Did you try Incus? Gives you VM-like experience in a container
- eru ・ 4 hours ago
  
  Why not use a VM?
  
  amelius ・ 4 hours ago
  
  Why not ask an AI?
- bazmattaz ・ 3 hours ago
  
  I’m not an engineer and now I realise why I’ve been struggling getting OpenClaw setup in docker. I just can’t get it to work. Makes sense that it needs access to the underlying OS
- bicepjai ・ 4 hours ago
  
  Same experience. I used Coolify and it was so hard. I wondered why people are so enthralled with this unacceptable UX for setup, only to realize no one cared about Docker and they just got a new Mac mini or used their own system.
- danhon ・ 3 hours ago
  
  Absolutely this. I finally got it working, but the instructions and scripts for setting it up with Docker absolutely do not work.
brightball ・ 4 hours ago

I'm curious if people have had success running it on Cloudflare workers. I know there was a lot of hype about that a few weeks ago.
yopojones ・ 3 hours ago

Riight, unprivileged lxc/lxd container takes 2s to set up. Thanks NV, sticking with opencode.
liuliu ・ 3 hours ago

The problem is that it cannot access your credentials hence useless.
cowpig ・ 3 hours ago

Containers and VMs are really annoying to work with for these kinds of applications. Things like agent-safehouse and greywall are better imo
- yopojones ・ 2 hours ago
  
  I've honestly found containers a breeze for such use cases. Inference lives on the host, crazy lives in an unpriv'd overlayfs container that I don't mind trashing the root of, and is like nothing in resources to clone, and gives a clean mitm surface via a veth. That said, greywall looks pretty dope!

webagent255 ・ 2 hours ago

[dead]

StephenZ15ga59 ・ 3 minutes ago

tldr for anyone skimming: the key insight is in section 3

Heer_J ・ 4 hours ago

[dead]

quatonion ・ 34 minutes ago

I refuse to install Israeli spyware, even if it comes from NVIDIA.

Jensen saying board rooms all across America are having discussions regarding what their OpenClaw strategy is complete b.s. and comparing it to more important than Linux. What tf is he smoking.

It is a complete security nightmare no matter which way you look at it, especially with side chain attacks like Glassworm in the mix.

Why is this OpenClaw stuff being pushed so hard when it is essentially nothing more than an agentic loop around an LLM call plus a bunch of common tools. Something that Claude Code, or pick your favorite coding agent can knock together for you in an afternoon.

The only purpose to this is garbage to sell tokens to prop up the hype bubble and install a Trojan horse that can collect all your personal data. Everything else is a smokescreen.

Just say no.

Veen ・ 33 minutes ago

What does any of this have to do with Israel?

benzguo ・ 2 hours ago

Check out https://zo.computer - we've been doing OpenClaw for nearly a year, it works out of the box, and has hosting built-in. Zo arguably was the inspiration for Peter to create OpenClaw.

chill_ai_guy ・ 2 hours ago

It's quite sad you are riding the coattails of Openclaw here and on Twitter. You only talk about how you were "first" but never say why you are arguably nowhere near all the competitors in terms of distribution that supposedly copied from you
wahnfrieden ・ 2 hours ago

Why do you think OpenClaw caught on much faster?
- tempoponet ・ an hour ago
  
  OpenClaw had a huge viral marketing campaign. It wasn't a coincidence everyone on twitter was talking about it at the same time suddenly. To its credit, it also executed well enough in a few areas that captured people's imagination. Most of the concepts are ideas people have been toying with for years, though.