Reviews and approves blocked agent network requests in the TUI. Use when approving or denying sandbox egress requests, managing blocked network calls, or using the approval TUI. Adds, removes, or modifies allowed endpoints in the sandbox policy. Use when customizing network policy, changing egress rules, or configuring sandbox endpoint access.
Reviews and approves blocked agent network requests in the TUI. Use when approving or denying sandbox egress requests, managing blocked network calls, or using the approval TUI.
PATH.Review and act on network requests that the agent makes to endpoints not listed in the sandbox policy. OpenShell intercepts these requests and presents them in the TUI for operator approval.
Start the OpenShell terminal UI to monitor sandbox activity:
$ openshell term
For a remote sandbox, pass the instance name:
$ ssh my-gpu-box 'cd /home/ubuntu/nemoclaw && . .env && openshell term'
The TUI displays the sandbox state, active inference provider, and a live feed of network activity.
When the agent attempts to reach an endpoint that is not in the baseline policy, OpenShell blocks the connection and displays the request in the TUI. The blocked request includes the following details:
The TUI presents an approval prompt for each blocked request.
Approved endpoints remain in the running policy until the sandbox stops. They are not persisted to the baseline policy file.
To observe the approval flow in a guided session, run the walkthrough script:
$ ./scripts/walkthrough.sh
This script opens a split tmux session with the TUI on the left and the agent on the right.
The walkthrough requires tmux and the NVIDIA_API_KEY environment variable.
Add, remove, or modify the endpoints that the sandbox is allowed to reach.
The sandbox policy is defined in a declarative YAML file in the NemoClaw repository and enforced at runtime by NVIDIA OpenShell. NemoClaw supports both static policy changes that persist across restarts and dynamic updates applied to a running sandbox through the OpenShell CLI.
Static changes modify the baseline policy file and take effect after the next sandbox creation.
Open nemoclaw-blueprint/policies/openclaw-sandbox.yaml and add or modify endpoint entries.
If you only need one of the built-in presets, use nemoclaw <name> policy-add instead of editing YAML by hand:
$ nemoclaw my-assistant policy-add
To remove a previously applied preset, use nemoclaw <name> policy-remove:
$ nemoclaw my-assistant policy-remove
Use a manual YAML edit when you need to allow custom hosts that are not covered by a preset, such as an internal API or a weather service.
Each entry in the network section defines an endpoint group with the following fields:
endpoints
: Host and port pairs that the sandbox can reach.
binaries
: Executables allowed to use this endpoint.
rules
: HTTP methods and paths that are permitted.
Apply the updated policy by re-running the onboard wizard:
$ nemoclaw onboard
The wizard picks up the modified policy file and applies it to the sandbox.
Check that the sandbox is running with the updated policy:
$ nemoclaw <name> status
Dynamic changes apply a policy update to a running sandbox without restarting it.
Create a YAML file with the endpoints to add.
Follow the same format as the baseline policy in nemoclaw-blueprint/policies/openclaw-sandbox.yaml.
Use the OpenShell CLI to apply the policy update:
$ openshell policy set --policy <policy-file> <sandbox-name>
The change takes effect immediately.
Dynamic changes apply only to the current session. When the sandbox stops, the running policy resets to the baseline defined in the policy file. To make changes permanent, update the static policy file and re-run setup.
For one-off access, you can approve blocked requests in the OpenShell TUI instead of editing the baseline policy:
$ openshell term
This is useful when you want to test a destination before deciding whether it belongs in a permanent preset or custom policy file.
NemoClaw ships preset policy files for common integrations in nemoclaw-blueprint/policies/presets/.
Apply a preset as-is or use it as a starting template for a custom policy.
During onboarding, the policy tier (see the nemoclaw-user-reference skill) you select determines which presets are enabled by default.
You can add or remove individual presets in the interactive preset screen that follows tier selection.
Available presets:
| Preset | Endpoints |
|---|---|
brave | Brave Search API |
brew | Homebrew (Linuxbrew) package manager |
discord | Discord webhook API |
github | GitHub and GitHub REST API |
huggingface | Hugging Face Hub (download-only) and inference router |
jira | Atlassian Jira API |
npm | npm and Yarn registries |
outlook | Microsoft 365 and Outlook |
pypi | Python Package Index |
slack | Slack API and webhooks |
telegram | Telegram Bot API |
To apply a preset to a running sandbox, pass it as a policy file:
$ openshell policy set --policy nemoclaw-blueprint/policies/presets/pypi.yaml my-assistant
To include a preset in the baseline, merge its entries into openclaw-sandbox.yaml and re-run nemoclaw onboard.
nemoclaw-user-reference — Network Policies for the full baseline policy referencenemoclaw-user-monitor-sandbox — Monitor Sandbox Activity for general sandbox monitoring