Description
The get-started/quickstart.html doc lists this as the canonical first command a new user runs after nemoclaw <name> connect to verify the sandbox is responding:
openclaw agent --agent main --local -m "hello" --session-id test
Running this command inside the sandbox produces an immediate refusal — the --local flag is explicitly forbidden inside NemoClaw sandboxes because it bypasses the gateway's security protections (secret scanning, network policy, inference auth). The very first command a new user runs to "say hello" therefore fails out of the box, contradicting the doc and giving a very bad first impression.
Environment
Host: macOS 26.1
Architecture: arm64 (Apple Silicon M4)
Container runtime: Colima
NemoClaw: v0.0.44
OpenShell CLI: 0.0.39
OpenClaw: 2026.4.24 (inside sandbox)
Sandboxes tested: nv-test (Option 1 NVIDIA), ollama-test (Option 7 Local Ollama)
Both reject the same way — the rejection is sandbox-side,
not provider-specific.
Steps to Reproduce
- Complete
nemoclaw onboard to build a sandbox (any provider).
- Follow
get-started/quickstart.html exactly:
nemoclaw <name> connect
openclaw agent --agent main --local -m "hello" --session-id test
- Observe the sandbox rejects the command and prints the guidance to drop
--local.
Expected Result
The doc command runs successfully and prints a model reply (e.g. "hello" or a greeting). The expected user experience at this step is "see the sandbox say hello back."
Actual Result
The sandbox prints this rejection and exits non-zero:
Error: 'openclaw agent --local' is not supported inside NemoClaw sandboxes.
The --local flag bypasses the gateway's security protections (secret scanning,
network policy, inference auth) and can crash the sandbox.
Instead, run without --local to use the gateway's managed inference route:
openclaw agent --agent main -m "hello"
Root Cause Analysis
The runtime rejection is correct and intentional — --local bypassing gateway protections in a sandbox would defeat the security model. The bug is purely on the docs side. get-started/quickstart.html shows the user a command the sandbox itself explicitly forbids. The connect banner already gives the correct guidance ("run openclaw tui"), so the quickstart doc is the outlier. The --session-id test argument is also unnecessary and worth dropping for clarity.
Proposed Fix
Update get-started/quickstart.html to use the sandbox-supported form:
openclaw agent --agent main -m "hello"
…i.e. drop --local and --session-id test.
Optionally add a one-line caveat near the example: "Inside a NemoClaw sandbox, --local is rejected on purpose because it bypasses the gateway's security and network policy. Use the form above to route through the gateway." Cross-reference reference/openclaw-cli.html so users who want to understand the flag find the explanation.
Affected docs / pages
- Confirmed:
get-started/quickstart.html (the "say hello" step at end of quickstart).
- Not in scope (already covered by NVB#6186072):
deploy-to-remote-gpu.html, monitor-sandbox-activity.html.
This bug is specifically for the quickstart page since it's the first page a new user reads.
Logs
Full transcript and other 11 findings from this validation run at nemoclaw-test/nemoclaw-doc-validation-2026-05-18.md (section "Critical #11").
NVB#6187087
Description
The
get-started/quickstart.htmldoc lists this as the canonical first command a new user runs afternemoclaw <name> connectto verify the sandbox is responding:Running this command inside the sandbox produces an immediate refusal — the
--localflag is explicitly forbidden inside NemoClaw sandboxes because it bypasses the gateway's security protections (secret scanning, network policy, inference auth). The very first command a new user runs to "say hello" therefore fails out of the box, contradicting the doc and giving a very bad first impression.Environment
Steps to Reproduce
nemoclaw onboardto build a sandbox (any provider).get-started/quickstart.htmlexactly:--local.Expected Result
The doc command runs successfully and prints a model reply (e.g.
"hello"or a greeting). The expected user experience at this step is "see the sandbox say hello back."Actual Result
The sandbox prints this rejection and exits non-zero:
Root Cause Analysis
The runtime rejection is correct and intentional —
--localbypassing gateway protections in a sandbox would defeat the security model. The bug is purely on the docs side.get-started/quickstart.htmlshows the user a command the sandbox itself explicitly forbids. The connect banner already gives the correct guidance ("runopenclaw tui"), so the quickstart doc is the outlier. The--session-id testargument is also unnecessary and worth dropping for clarity.Proposed Fix
Update
get-started/quickstart.htmlto use the sandbox-supported form:openclaw agent --agent main -m "hello"…i.e. drop
--localand--session-id test.Optionally add a one-line caveat near the example: "Inside a NemoClaw sandbox,
--localis rejected on purpose because it bypasses the gateway's security and network policy. Use the form above to route through the gateway." Cross-referencereference/openclaw-cli.htmlso users who want to understand the flag find the explanation.Affected docs / pages
get-started/quickstart.html(the "say hello" step at end of quickstart).deploy-to-remote-gpu.html,monitor-sandbox-activity.html.This bug is specifically for the quickstart page since it's the first page a new user reads.
Logs
Full transcript and other 11 findings from this validation run at
nemoclaw-test/nemoclaw-doc-validation-2026-05-18.md(section "Critical #11").NVB#6187087