Description
Description
(1) The nemoclaw shields up, shields down, and shields status commands exist and accept user-relevant options (timeout, reason, policy choice), but no NemoClaw documentation page mentions them. Users searching the docs for "shield" find nothing.
(2) The "sandbox mutability story" is fragmented across many pages with no consolidated reference that answers the most common user question: "What can I change at runtime, what requires a rebuild, and what is locked at creation?" Users currently piece this together from scattered sentences across the overview, architecture, sub-agent, switch-inference, sandbox-hardening, network-policy, best-practices, and quickstart pages.
Environment
Device: Any host running NemoClaw v0.0.37
OS: All client platforms (issue is in user-facing docs)
Architecture: N/A
Node.js: N/A
npm: N/A
Docker: N/A
OpenShell CLI: N/A
NemoClaw: 0.0.37 (preferred version on docs.nvidia.com/nemoclaw/)
OpenClaw: N/A
Steps to Reproduce
A. Verify shields commands have no public documentation:
-
Open https://docs.nvidia.com/nemoclaw/latest/ and use the site search for "shields" → no results.
-
Open the Commands reference, the Security pages (best-practices, openclaw-controls, credential-storage), and Troubleshooting; search each for "shield" → no hits.
-
Open the user-reference agent skill bundled with NemoClaw and search for "shield" → no hits.
-
The capability still exists at the CLI; users discover it only by trial-and-error or by reading source.
B. Verify the mutability story is fragmented (no consolidated reference):
-
Try to answer "Which parts of my sandbox are mutable at runtime, and how do I change each one?" from the docs alone.
-
To assemble the answer, the user has to visit and read pieces of:
-
About → Overview / How It Works / Ecosystem (read-only system paths, hot-reload vs lock-at-creation framing)
-
Reference → Architecture (filesystem zones, policy update propagation)
-
Inference → Switch Inference Providers, Set Up Sub-Agent (immutable openclaw.json at runtime, sub-agent config-hash mutability)
-
Network Policy → Customize Network Policy, Approve Network Requests (static vs dynamic policy edits, runtime approval flow)
-
Security → Best Practices, Sandbox Hardening (hot-reload guidance, Landlock enforcement)
-
Manage Sandboxes → Lifecycle (post-onboarding ops including rebuild)
-
Get Started → Quickstart (preset read-only ↔ read-write toggle inline in the wizard)
-
After all of the above, the user still cannot find a single page that answers, for each commonly changed item (model, provider, policy preset, openclaw.json keys, agents.list, channel tokens, dashboard port, GPU passthrough, sandbox name, shields posture), whether the change is runtime-mutable, hot-reloadable, requires rebuild, or requires re-onboard.
Expected Result
Two complementary additions to user-facing documentation:
(1) A dedicated section that documents the shields commands with operator-only framing.
Suggested home: docs/security/openclaw-controls.md (new section) or a new docs/manage-sandboxes/runtime-controls.md page. The section should cover:
-
nemoclaw shields status — current shields state, including any active timer and the policy in effect
-
`nemoclaw shields down [--timeout ] [--reason
Actual Result
-
Site search and per-page search for "shields" return no results across the user-facing docs and the bundled user-reference skill.
-
Mutability information is genuinely good in the individual pages cited in the Steps to Reproduce above, but is fragmented enough that a user with a single concrete question ("can I change my agent's model without rebuilding?", "is openclaw.json editable while the sandbox is running?", "how do I temporarily lower the policy for an operator session?") cannot reach a definitive answer from one page.
-
This is the underlying cause behind multiple user signals: the DGX Spark complaint about needing external help to coordinate proxy / OpenShell / local inference, and the docs reviewer's explicit question about mutability and shields documentation.
Logs
Not applicable (docs content review).
Bug Details
| Field |
Value |
| Priority |
Unprioritized |
| Action |
Dev - Open - To fix |
| Disposition |
Open issue |
| Module |
Machine Learning - NemoClaw |
| Keyword |
NemoClaw, NemoClaw_Docs, NEMOCLAW_GH_SYNC_APPROVAL, NemoClaw-SWQA-VDR |
[NVB#6157356]
Description
Description
(1) The
nemoclaw shields up,shields down, andshields statuscommands exist and accept user-relevant options (timeout, reason, policy choice), but no NemoClaw documentation page mentions them. Users searching the docs for "shield" find nothing.(2) The "sandbox mutability story" is fragmented across many pages with no consolidated reference that answers the most common user question: "What can I change at runtime, what requires a rebuild, and what is locked at creation?" Users currently piece this together from scattered sentences across the overview, architecture, sub-agent, switch-inference, sandbox-hardening, network-policy, best-practices, and quickstart pages.
Steps to ReproduceEnvironment
A. Verify shields commands have no public documentation:
Open https://docs.nvidia.com/nemoclaw/latest/ and use the site search for "shields" → no results.
Open the Commands reference, the Security pages (best-practices, openclaw-controls, credential-storage), and Troubleshooting; search each for "shield" → no hits.
Open the user-reference agent skill bundled with NemoClaw and search for "shield" → no hits.
The capability still exists at the CLI; users discover it only by trial-and-error or by reading source.
B. Verify the mutability story is fragmented (no consolidated reference):
Try to answer "Which parts of my sandbox are mutable at runtime, and how do I change each one?" from the docs alone.
To assemble the answer, the user has to visit and read pieces of:
About → Overview / How It Works / Ecosystem (read-only system paths, hot-reload vs lock-at-creation framing)
Reference → Architecture (filesystem zones, policy update propagation)
Inference → Switch Inference Providers, Set Up Sub-Agent (immutable openclaw.json at runtime, sub-agent config-hash mutability)
Network Policy → Customize Network Policy, Approve Network Requests (static vs dynamic policy edits, runtime approval flow)
Security → Best Practices, Sandbox Hardening (hot-reload guidance, Landlock enforcement)
Manage Sandboxes → Lifecycle (post-onboarding ops including rebuild)
Get Started → Quickstart (preset read-only ↔ read-write toggle inline in the wizard)
After all of the above, the user still cannot find a single page that answers, for each commonly changed item (model, provider, policy preset, openclaw.json keys, agents.list, channel tokens, dashboard port, GPU passthrough, sandbox name, shields posture), whether the change is runtime-mutable, hot-reloadable, requires
rebuild, or requires re-onboard.Expected Result
Two complementary additions to user-facing documentation:
(1) A dedicated section that documents the shields commands with operator-only framing.
Suggested home: docs/security/openclaw-controls.md (new section) or a new docs/manage-sandboxes/runtime-controls.md page. The section should cover:
nemoclaw shields status— current shields state, including any active timer and the policy in effect`nemoclaw shields down [--timeout ] [--reason
Actual Result
Site search and per-page search for "shields" return no results across the user-facing docs and the bundled user-reference skill.
Mutability information is genuinely good in the individual pages cited in the Steps to Reproduce above, but is fragmented enough that a user with a single concrete question ("can I change my agent's model without rebuilding?", "is openclaw.json editable while the sandbox is running?", "how do I temporarily lower the policy for an operator session?") cannot reach a definitive answer from one page.
This is the underlying cause behind multiple user signals: the DGX Spark complaint about needing external help to coordinate proxy / OpenShell / local inference, and the docs reviewer's explicit question about mutability and shields documentation.
Logs
Bug Details
[NVB#6157356]