feat(onboard): add NEMOCLAW_MINIMAL_BOOTSTRAP workspace-seed flag#4870
Merged
Conversation
…seed (#2598) The default workspace seed (AGENTS.md, SOUL.md, IDENTITY.md, USER.md, TOOLS.md, HEARTBEAT.md) in /sandbox/.openclaw/workspace contributes roughly 12k chars to every agent prompt via OpenClaw's per-turn bootstrap context injection. For trivial turns this is half the system prompt with no behavioral benefit; agents already run with skipBootstrap=true. Add an opt-in env var that gates the seed in scripts/nemoclaw-start.sh:seed_default_workspace_templates() and propagates from the host through `openshell sandbox create -- env`. Verified end-to-end on a Brev box (OpenClaw 2026.5.27 + Ollama): - Unflagged: 23,872 chars (project 12,350 + non-project 11,522) - Flagged: 11,622 chars (project 665 + non-project 10,957) - Delta: -12,250 chars (~-3,062 tokens, -51%) Residual non-project context (~10,957 chars) is OpenClaw framework boilerplate; tracked separately for upstream. Refs #2598 Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
Contributor
|
PR changed again? Review this PR in Change Stack to compare snapshots and stay oriented. Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThe PR adds support for a ChangesMinimal Bootstrap Mode
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
Suggested labels
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
Contributor
E2E Advisor RecommendationRequired E2E: Dispatch hint: Full advisor summaryE2E Recommendation AdvisorBase: Required E2E
Optional E2E
New E2E recommendations
Dispatch hint
|
Contributor
E2E Scenario Advisor RecommendationRequired scenario E2E: Dispatch required scenario E2E:
Full scenario advisor summaryE2E Scenario AdvisorBase: Required scenario E2E
Optional scenario E2E
Relevant changed files
|
Contributor
PR Review AdvisorFindings: 0 needs attention, 0 worth checking, 0 nice ideas Consider writing more tests for
This is an automated advisory review. A human maintainer must make the final merge decision. |
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/lib/onboard.ts`:
- Around line 3563-3566: The added 3-line conditional for the
NEMOCLAW_MINIMAL_BOOTSTRAP env flag increases file size and triggers the growth
guardrail; make it line-neutral by collapsing it into a single-line expression
or merging it with the nearby env assignment so no net new lines are
added—specifically adjust the block that references formatEnvAssignment and
envArgs.push for "NEMOCLAW_MINIMAL_BOOTSTRAP" (the new conditional) to be a
one-liner or integrated into the adjacent conditional/assignment so the
functionality remains but the added lines are eliminated.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 1c74746b-9dbd-482b-bd2f-a4ddd08ad420
📒 Files selected for processing (3)
scripts/nemoclaw-start.shsrc/lib/onboard.tstest/nemoclaw-start.test.ts
… test env (#2598) Address CodeRabbit feedback on #4870: - Major (codebase-growth-guardrails): the 4-line conditional added to createSandbox tripped the file growth check. Collapse to a single line; semantics unchanged. - Nice idea: runSeed inherits process.env, so a developer with NEMOCLAW_MINIMAL_BOOTSTRAP=1 in their shell would silently break the existing "seeds templates" tests. Default to "" in the env spread so each test still controls the flag via its own override. Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
…lper (#2598) codebase-growth-guardrails hard-caps src/lib/onboard.ts at net 0 since the file is already ~12k lines. Even the 1-line conditional from the previous fixup tripped the check. Move the propagation into the existing src/lib/onboard/host-proxy-env.ts helper, which already handles host->sandbox env var forwarding via the same `openshell sandbox create -- env ... nemoclaw-start` path. Remove the inline if from onboard.ts, taking onboard.ts to net -1 vs main. Also add the host-side propagation tests the PR Review Advisor's worth-checking item asked for: assert NEMOCLAW_MINIMAL_BOOTSTRAP=1 propagates, and asserts unset/empty/"0"/"true"/"yes" do not. Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 27042892079
|
Collaborator
|
Review note: the implementation looks directionally correct for an opt-in minimal-bootstrap mitigation, but I recommend tightening the PR before merge. What I verified:
Recommendations:
I would not consider these blocking for the core mechanics, but docs/wording are important because this is a new user-visible runtime knob. |
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 27043126252
|
…ence note (#2598) Address cv's review feedback on #4870: 1. Replace "empties workspace seed" wording. The flag does NOT delete files already present, it only skips default workspace template seeding for new/pristine workspaces. Update code comments in scripts/nemoclaw-start.sh and src/lib/onboard/host-proxy-env.ts. 2. Add operator-facing docs note in docs/manage-sandboxes/runtime-controls.mdx documenting the new env var, the exact templates it skips (AGENTS.md, SOUL.md, IDENTITY.md, USER.md, TOOLS.md, HEARTBEAT.md), and the non-deletion contract. 3. Frame as partial #2598 mitigation in both the code comment and the docs: this PR addresses the project-context contribution from NemoClaw's seeded workspace templates; the remaining OpenClaw framework/non-project context is tracked upstream at openclaw/openclaw#14785. Signed-off-by: Charan Jagwani <cjagwani@nvidia.com>
Contributor
|
🌿 Preview your docs: https://nvidia-preview-pr-4870.docs.buildwithfern.com/nemoclaw |
Contributor
Author
|
wording fix, docs row, partial-mitigation framing all in. skipped the capture test since onboard.ts:3544 already invokes the helper unchanged |
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (1)
docs/manage-sandboxes/runtime-controls.mdx (1)
36-36: ⚡ Quick winRemove bold emphasis from routine prose in the table cell.
**Does not delete files already present.**uses bold for non-warning text; keep this plain text (or use a proper callout only if it is a true warning). LLM pattern detected.
As per coding guidelines, bold is reserved for UI labels, parameter names, and genuine warnings.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@docs/manage-sandboxes/runtime-controls.mdx` at line 36, Remove the bold markup around the sentence "Does not delete files already present." in the table cell that describes the Default OpenClaw workspace template seed (the cell containing `AGENTS.md`, `SOUL.md`, `IDENTITY.md`, `USER.md`, `TOOLS.md`, `HEARTBEAT.md` and the `NEMOCLAW_MINIMAL_BOOTSTRAP` / `$$nemoclaw onboard` guidance); replace the `**...**` emphasis with plain text (or convert to a proper callout only if it is an actual warning) so it follows the guideline that bold is reserved for UI labels, parameter names, and real warnings.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@docs/manage-sandboxes/runtime-controls.mdx`:
- Line 36: Remove the bold markup around the sentence "Does not delete files
already present." in the table cell that describes the Default OpenClaw
workspace template seed (the cell containing `AGENTS.md`, `SOUL.md`,
`IDENTITY.md`, `USER.md`, `TOOLS.md`, `HEARTBEAT.md` and the
`NEMOCLAW_MINIMAL_BOOTSTRAP` / `$$nemoclaw onboard` guidance); replace the
`**...**` emphasis with plain text (or convert to a proper callout only if it is
an actual warning) so it follows the guideline that bold is reserved for UI
labels, parameter names, and real warnings.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: 8f2e3ac9-0020-4972-a004-861138b45a85
📒 Files selected for processing (3)
docs/manage-sandboxes/runtime-controls.mdxscripts/nemoclaw-start.shsrc/lib/onboard/host-proxy-env.ts
🚧 Files skipped from review as they are similar to previous changes (2)
- src/lib/onboard/host-proxy-env.ts
- scripts/nemoclaw-start.sh
Contributor
Selective E2E Results — ✅ All requested jobs passedRun: 27043589920
|
cv
approved these changes
Jun 5, 2026
miyoungc
added a commit
that referenced
this pull request
Jun 6, 2026
## Summary - Adds the `v0.0.60` section to `docs/about/release-notes.mdx` using the dev announcement from discussion #4877. - Fills the source-doc gaps found during release-prep review across inference, policy tiers, command behavior, security boundaries, Hermes dashboard/tooling, runtime context, and troubleshooting. - Refreshes generated agent skills under `.agents/skills/` from the current Fern docs output and upgrades Fern from `5.44.3` to `5.45.0`. ## Source summary - #4037 -> `docs/reference/architecture.mdx`, `docs/about/how-it-works.mdx`, `docs/about/release-notes.mdx`: Documents system-only runtime context that stays out of visible chat. - #4875 -> `docs/reference/architecture.mdx`, `docs/about/how-it-works.mdx`, `docs/about/release-notes.mdx`: Documents try-first sandbox network/filesystem guidance and clearer failure classification. - #4788 -> `docs/security/best-practices.mdx`, `docs/about/release-notes.mdx`: Documents shared OpenClaw device-approval policy for startup and connect. - #4768 -> `docs/reference/network-policies.mdx`, `docs/network-policy/integration-policy-examples.mdx`, `docs/get-started/quickstart.mdx`, `docs/get-started/quickstart-hermes.mdx`, `docs/reference/commands.mdx`: Documents `weather`, `public-reference`, and Hermes managed-tool gateway preset behavior. - #3788 and #4864 -> `docs/reference/network-policies.mdx`, `docs/reference/commands.mdx`: Documents non-interactive policy-tier fail-fast behavior and interactive prompt fallback. - #4756 and #4866 -> `docs/reference/commands.mdx`: Documents env-aware default sandbox resolution for `list`, `status`, and `tunnel` commands. - #4320 -> `docs/reference/commands.mdx`: Documents `$$nemoclaw tunnel status` behavior. - #4328 -> `docs/reference/commands.mdx`: Documents line-scoped policy preset descriptions in `policy-list`. - #4580 and #4748 -> `docs/reference/architecture.mdx`: Documents package-managed OpenShell gateway service and Docker-driver gateway-marker behavior. - #4598 -> `docs/manage-sandboxes/lifecycle.mdx`: Documents concurrent gateway/dashboard cleanup isolation by sandbox name and port. - #4777 -> `docs/reference/troubleshooting.mdx`: Documents Docker GPU patch rollback behavior. - #4610 -> `docs/reference/troubleshooting.mdx`, `docs/reference/commands.mdx`: Keeps mutable OpenClaw config permission guidance aligned and removes skipped experimental wording. - #4868 -> `docs/reference/commands.mdx`: Keeps `.dockerignore` handling for custom `onboard --from <Dockerfile>` contexts in generated skills. - #4870 -> `docs/reference/commands.mdx`, `docs/manage-sandboxes/runtime-controls.mdx`: Documents `NEMOCLAW_MINIMAL_BOOTSTRAP` and generated skill coverage. - #4641 -> `docs/inference/inference-options.mdx`, `docs/reference/troubleshooting.mdx`: Documents local NVIDIA NIM platform-digest pulls and served-model id adoption. - #4810 and #4867 -> `docs/inference/inference-options.mdx`: Documents stable NGC managed-vLLM image lineage and DGX Station DeepSeek V4 Flash coverage. - #4852 -> `docs/inference/use-local-inference.mdx`, `docs/reference/troubleshooting.mdx`: Documents Ollama model fit filtering, 16K context floor, cold-load retry, and failed-model exclusion. - #4847 -> `docs/inference/switch-inference-providers.mdx`: Documents API-family sync, Hermes `api_mode`, and Bedrock Runtime exception. - #4800 -> `docs/inference/tool-calling-reliability.mdx`: Documents Nemotron managed-inference native tool-search fallback. - #4333 -> `docs/inference/switch-inference-providers.mdx`: Documents interactive multimodal input prompting. - #4086 -> `docs/reference/troubleshooting.mdx`: Keeps proxy bypass normalization in generated troubleshooting coverage. - #4811 and #4855 -> `docs/get-started/quickstart-hermes.mdx`: Documents prebuilt Hermes dashboard assets and TUI recovery without runtime rebuilds. - #4854 -> `docs/inference/switch-inference-providers.mdx`, `docs/reference/commands.mdx`: Documents Hermes proxy API-key placeholder preservation during inference switches. - #4248 -> `docs/manage-sandboxes/messaging-channels.mdx`, `.agents/skills/`: Keeps messaging enrollment behavior aligned with manifest-hook implementation. - #4771 -> `docs/security/best-practices.mdx`, `docs/security/credential-storage.mdx`: Documents Hermes placeholder-only secret boundary for sandbox-visible runtime files. - #4787 -> `docs/security/best-practices.mdx`, `docs/about/release-notes.mdx`: Documents expanded memory scanner examples for OpenAI project keys and Slack app-level tokens. - #4848 -> `docs/reference/commands.mdx`: Documents OpenClaw skill install mirroring into the agent home directory. - #4790 -> `docs/about/release-notes.mdx`: Uses the prior release-prep structure and generated `.agents/skills/` refresh as the template for this release. ## Verification - `python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user --doc-platform fern-mdx` - `python3 scripts/docs-to-skills.py docs/ .agents/skills/ skills/ --prefix nemoclaw-user --doc-platform fern-mdx --dry-run` - `npm run docs` - `git diff --check` - skip-term scan across `docs/`, `.agents/skills/`, and `skills/` - `npm run build:cli` - `npm run typecheck:cli` - Commit and pre-push hook suites, including markdownlint, gitleaks, env-var docs gate, docs-to-skills verification, and skills YAML tests <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * **New Features** * DeepSeek-V4-Flash now available as default inference model for DGX Station. * Hermes dashboard improved with dedicated port and OAuth-authenticated tool gateway selection. * Added weather and public-reference policy presets for expanded agent capabilities. * Enhanced Ollama model selection with GPU memory filtering and automatic retry for timeouts. * **Bug Fixes** * Improved policy tier validation to prevent invalid configurations. * Better sandbox cleanup scoping by port to prevent conflicts across deployments. * Added GPU patch failure recovery with automatic rollback. * **Documentation** * Expanded troubleshooting guides for inference, security, and sandbox lifecycle. * Added .dockerignore best practices for custom deployments. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Carlos Villela <cvillela@nvidia.com>
12 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Opt-in env var that skips default workspace template seeding (
AGENTS.md,SOUL.md,IDENTITY.md,USER.md,TOOLS.md,HEARTBEAT.md) for new/pristine workspaces at sandbox boot. Does NOT delete files already present.Partial mitigation for #2598: addresses the project-context contribution from NemoClaw's seeded workspace templates (~3k tokens off OpenClaw's per-turn bootstrap context injection). The remaining OpenClaw framework/non-project context overhead is out of NemoClaw's scope and tracked upstream at openclaw/openclaw#14785.
Changes
scripts/nemoclaw-start.sh: gateseed_default_workspace_templatesonNEMOCLAW_MINIMAL_BOOTSTRAP=1src/lib/onboard/host-proxy-env.ts: propagate the env from host throughopenshell sandbox create -- envso the in-sandbox check fires (bundled with proxy env propagation to keepsrc/lib/onboard.tsline-budget-neutral)test/onboard.test.ts: host-side propagation tests (set/unset cases)test/nemoclaw-start.test.ts: 2 tests (skips when flag=1, still seeds otherwise)docs/manage-sandboxes/runtime-controls.mdx: operator-facing note in the mutability tableVerification (GCP Brev box, OpenClaw 2026.5.27 + Ollama + llama3.2:1b)
New sandboxes onboarded with
NEMOCLAW_MINIMAL_BOOTSTRAP=1have a pristine workspace at/sandbox/.openclaw/workspace; skip log fires in/tmp/nemoclaw-start.log. The residual 665 chars of project context is OpenClaw's runtime-generatedIDENTITY.md, not seeded by us. The non-project context (~10,957 chars) is OpenClaw framework boilerplate, tracked upstream as noted above.Verification checklist
npm testpasses (targeted vitest: 10/10 on seed_default_workspace_templates + 4/4 on host-proxy-env propagation)docs/manage-sandboxes/runtime-controls.mdxRefs #2598
Summary by CodeRabbit
New Features
Tests
Documentation