docs: refresh v0.0.64 release docs #5358

Merged
cv merged 4 commits into main from docs/v0.0.64-release-refresh
Jun 12, 2026

@miyoungc miyoungc commented Jun 12, 2026

Collaborator

Summary

  • Add v0.0.64 release notes from the release announcement and link them to the relevant deeper docs.
  • Document that custom policy presets recorded through policy-add --from-file and --from-dir survive snapshot restore and sandbox recreation.
  • Refresh generated NemoClaw user skills from the current source docs.

Source summary

Verification

  • python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user --doc-platform fern-mdx
  • npm run docs
  • npm run build:cli
  • npm run typecheck:cli
  • Commit/pre-push hooks: markdownlint, gitleaks, docs-to-skills verification, TypeScript CLI, and skills YAML checks passed.

Summary by CodeRabbit

  • Documentation
    • Snapshots now preserve and restore custom policy presets so originals aren’t required.
    • Sandbox setup and remote deployment guidance moved to Docker-based workflows and emphasize remote onboarding and GPU selection.
    • Expanded troubleshooting for gateway recovery, onboarding resume, Docker/WSL GPU issues, and status-recovery.
    • Added CLI docs for advanced maintenance, session export, upload/download wrappers, and fixed command formatting.
    • Added v0.0.64 release notes and links to the NemoClaw Community.

@miyoungc miyoungc added area: docs Documentation, examples, guides, or docs build area: skills Skills, agent behaviors, prompts, or skill packaging v0.0.65 Release target labels Jun 12, 2026

coderabbitai Bot commented Jun 12, 2026

Contributor

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Documentation-only PR adding v0.0.64 release notes and multiple docs updates: snapshot/preset persistence, sub-agent Docker exec patterns, remote onboarding/deploy restructuring, new CLI host subcommands and session/file export docs, troubleshooting recovery changes, community links, and a docs-only CI from-ref tweak.

Changes

NemoClaw v0.0.64 Documentation Release

| Layer / File(s) | Summary |
| --- | --- |
| Release Notes v0.0.64: `.agents/skills/nemoclaw-user-overview/references/release-notes.md`, `docs/about/release-notes.mdx` | New v0.0.64 release section added to skill and main docs covering snapshot preset preservation, onboarding stability, inference routing, messaging setup, and validation improvements. |
| Snapshot Backup/Restore and Policy Preset Persistence: `.agents/skills/nemoclaw-user-manage-policy/SKILL.md`, `.agents/skills/nemoclaw-user-manage-sandboxes/references/backup-restore.md`, `docs/manage-sandboxes/backup-restore.mdx`, `docs/network-policy/customize-network-policy.mdx` | Unified documentation explaining that custom policy presets added via policy-add --from-file/--from-dir are preserved in snapshots with full YAML and replayed during restore/rebuild so restored sandboxes maintain policy state without original preset files. |
| Sub-Agent Setup with Docker Exec Command Patterns: `.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md` | Sub-agent setup workflow migrated from Kubernetes kubectl exec to Docker docker exec commands for container discovery, config export/update, explicit /sandbox/.openclaw/.config-hash synchronization, and permission enforcement. |
| Inference Configuration and AgentOnly Component Wiring: `.agents/skills/nemoclaw-user-configure-inference/SKILL.md` | AgentOnly import relocated; Hermes prerequisite updated to reference the Hermes Quickstart instead of the generic Quickstart. |
| Remote GPU Deployment: Preferred vs Legacy Brev Flow: `.agents/skills/nemoclaw-user-deploy-remote/SKILL.md` | Remote deployment guidance restructured to emphasize preferred path (provision VM → installer → nemoclaw onboard), explicit env vars (CHAT_UI_URL, NEMOCLAW_SANDBOX_READY_TIMEOUT), legacy nemoclaw deploy Brev compatibility separated as deprecated fallback, and GPU/dashboard guidance clarified. |
| CLI Commands: Brave Search, Advanced Maintenance, Sessions Export, and File Transfer: `.agents/skills/nemoclaw-user-reference/references/commands.md`, `docs/reference/commands*.mdx` | Variant-scoped Brave Search onboarding guidance added; new host-side subcommands documented: `nemoclaw <name> config get`, `nemoclaw <name> shields`; `nemoclaw <name> sessions export` documented with formats and filtering; host wrappers download/upload described; nemoclaw status recovery suggestion updated; --format table rendering fixed. |
| Troubleshooting and Recovery Flows: `.agents/skills/nemoclaw-user-reference/references/troubleshooting.md` | Troubleshooting guide updated to prefer managed-gateway recovery via nemoclaw onboard --resume over manual gateway commands; covers gateway-down, host reboot, TLS certificate mismatch, and Docker Desktop WSL GPU patch failures with CDI guidance. |
| Community References, Minor Docs Fixes, and Ecosystem Links: `.agents/skills/nemoclaw-user-manage-policy/references/integration-policy-examples.md`, `.agents/skills/nemoclaw-user-overview/references/ecosystem-hermes.md`, `.agents/skills/nemoclaw-user-overview/references/ecosystem.md`, `.agents/skills/nemoclaw-user-overview/references/overview.md`, `docs/reference/commands-nemohermes.mdx`, `docs/reference/commands.mdx` | Added "NemoClaw Community" links to overview and ecosystem docs for blueprint examples; escaped pipe characters in --format option descriptions for correct rendering. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related issues

Possibly related PRs

  • NVIDIA/NemoClaw#5247: Overlaps sub-agent kubectl→docker exec updates and remote onboarding adjustments.
  • NVIDIA/NemoClaw#5162: Touches the same AgentOnly placement and Hermes Quickstart prerequisite edits.

Suggested labels

v0.0.64

Suggested reviewers

  • cv
  • prekshivyas

Poem

🐰 A rabbit reads the changelog bright and clear,
Presets and snapshots now safely appear,
Docker steps hop in where kubectl fell,
Onboardings hum and CLI bells do swell,
v0.0.64 — a joyful cheer! 🌟

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'docs: refresh v0.0.64 release docs' directly and accurately describes the main objective of the PR: updating documentation for v0.0.64 release including release notes, policy preset persistence docs, and regenerated user-skill references. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

github-actions Bot commented Jun 12, 2026

Contributor

E2E Advisor Recommendation

Required E2E: None
Optional E2E: docs-validation-e2e

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

  • None. No merge-blocking E2E is recommended because the PR changes documentation, assistant skill guidance, and CI check configuration only. The diff does not modify installer/onboarding code, sandbox lifecycle implementation, credential handling, network policy assets/schemas, inference routing code, deployment scripts, or live assistant runtime behavior.

Optional E2E

  • docs-validation-e2e (low): Optional confidence for broad docs/reference changes: validates CLI/docs parity and local Markdown links through the existing docs validation E2E-style Vitest job. Useful because command reference and user docs changed, but not merge-blocking for runtime safety.

New E2E recommendations

  • agent-skill-doc-validation (low): Existing docs-validation-e2e focuses on CLI/docs parity and local documentation links; it does not specifically validate .agents skill Markdown imports, AgentOnly blocks, cross-skill references, or copyable command snippets in assistant skill packs.
    • Suggested test: Add an agent-skill documentation validation job that parses .agents/skills content, checks relative references/imports, and verifies command snippets intended for user guidance remain syntactically valid.
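One check such a validation job could run, as an added example rather than NemoClaw's own tooling: flag a skill file that uses `<AgentOnly>` before importing it or leaves a block open. It assumes tags sit on their own lines, blocks do not nest, and the closing tag is `</AgentOnly>`; both sample files are constructed.

```shell
#!/bin/sh
# Added example (not NemoClaw tooling): structural lint for <AgentOnly> blocks
# in a generated skill file.
# Assumptions: blocks do not nest, tags sit on their own lines, and the
# closing tag is </AgentOnly>.

# check_agentonly FILE
# Prints one finding per line ("<line>: <message>") and returns 1 if any.
check_agentonly() {
  awk '
    # Remember the first line that imports the component.
    /^import[ \t].*AgentOnly/ { if (!import_line) import_line = NR; next }
    {
      text = $0
      # gsub with "&" leaves the text unchanged and returns the match count.
      opens  = gsub(/<AgentOnly[ \t>]/, "&", text)
      closes = gsub(/<\/AgentOnly>/, "&", text)
      for (i = 0; i < opens; i++) {
        if (!import_line && !warned_import) {
          printf "%d: <AgentOnly> used before the AgentOnly import\n", NR
          warned_import = 1; bad = 1
        }
        if (open_line) {
          printf "%d: <AgentOnly> block is not closed before line %d opens another\n", open_line, NR
          bad = 1
        }
        open_line = NR
      }
      for (i = 0; i < closes; i++) {
        if (!open_line) {
          printf "%d: </AgentOnly> without a matching opening tag\n", NR
          bad = 1
        } else {
          open_line = 0
        }
      }
    }
    END {
      if (open_line) {
        printf "%d: <AgentOnly> block is never closed\n", open_line
        bad = 1
      }
      exit (bad ? 1 : 0)
    }
  ' "$1"
}

# Constructed sample: tag first, import last, block never closed.
sample_malformed_skill() {
  cat <<'EOF'
# Use local inference

<AgentOnly variant="openclaw">
- OpenClaw prerequisite (constructed text)
- Hermes prerequisite (constructed text)

Normal content continues here.

import { AgentOnly } from "../_components/AgentGuide";
EOF
}

# Constructed sample: import first, one balanced block per variant.
# The "hermes" variant value is assumed for the example.
sample_wellformed_skill() {
  cat <<'EOF'
import { AgentOnly } from "../_components/AgentGuide";

<AgentOnly variant="openclaw">
- OpenClaw prerequisite (constructed text)
</AgentOnly>

<AgentOnly variant="hermes">
- Hermes prerequisite (constructed text)
</AgentOnly>
EOF
}

# Usage: sample_malformed_skill > /tmp/skill.md && check_agentonly /tmp/skill.md
```
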

github-actions Bot commented Jun 12, 2026

Contributor

Vitest E2E Scenario Recommendation

Required Vitest E2E scenarios: None
Optional Vitest E2E scenarios: None

Workflow run

Full Vitest E2E advisor summary

Vitest E2E Scenario Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required Vitest E2E scenarios

  • None. Changes are limited to documentation, agent skill content, and the general PR workflow. No Vitest scenario registry, live support, fixtures, live tests, or .github/workflows/e2e-vitest-scenarios.yaml machinery changed, so no Vitest E2E scenario dispatch is required.

Optional Vitest E2E scenarios

  • None.

Relevant changed files

  • None.

github-actions Bot commented Jun 12, 2026

Contributor

PR Review Advisor

Findings: 2 needs attention, 9 worth checking, 0 nice ideas
Since last review: 0 prior items resolved, 9 still apply, 0 new items found

Review findings

🛠️ Needs attention

  • Generated local-inference skill still does not match the source docs (.agents/skills/nemoclaw-user-configure-inference/SKILL.md:15): The PR claims the generated NemoClaw user skills were refreshed from current source docs, but this generated skill remains malformed. The OpenClaw-only block includes the Hermes prerequisite, the block is not closed before normal content, and the `AgentOnly` import appears after first use. That can break skill rendering and deliver the wrong variant-specific prerequisites to agents.
    • Recommendation: Regenerate or manually fix this generated skill so the import appears before component usage and the OpenClaw and Hermes prerequisite blocks are separate and balanced, matching `docs/inference/use-local-inference.mdx` and `skills/nemoclaw-user-configure-inference/SKILL.md`.
    • Evidence: The generated file opens `<AgentOnly variant="openclaw">`, includes both OpenClaw and Hermes prerequisite bullets, then continues into normal content before `import { AgentOnly } from "../_components/AgentGuide";`. The source MDX and source skill keep the import near the top and close separate OpenClaw/Hermes blocks.
  • Generated release-notes skill contains content not present in the source release note (.agents/skills/nemoclaw-user-overview/references/release-notes.md:17): The generated `.agents` release-notes reference includes a v0.0.64 release-validation bullet that is not present in `docs/about/release-notes.mdx`. If `.agents` is generated from source docs, this contradicts the PR's generated-skill refresh claim.
    • Recommendation: Regenerate the skill from the current source or update the source release note intentionally so generated and source v0.0.64 bullets match exactly.
    • Evidence: `.agents/skills/nemoclaw-user-overview/references/release-notes.md` includes `Release validation expands live Vitest coverage...`; `docs/about/release-notes.mdx` v0.0.64 ends after the messaging setup bullet.

🔎 Worth checking

  • Source-of-truth review needed: .agents/skills/nemoclaw-user-configure-inference/SKILL.md generated skill refresh: The advisor marked localized patch analysis as missing.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: Generated `.agents/skills/nemoclaw-user-configure-inference/SKILL.md` has the import after prerequisites; source MDX/source skill import first and close separate variant blocks.
  • Source-of-truth review needed: .agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md manual config edit guidance: The advisor marked localized patch analysis as needs_followup.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The changed snippet discovers `SANDBOX_CTR` with `docker ps ... | sed -n '1p'` and then runs multiple `docker exec --user root` commands.
  • Source-of-truth review needed: .agents/skills/nemoclaw-user-overview/references/release-notes.md generated release notes: The advisor marked localized patch analysis as missing.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The generated skill includes `Release validation expands live Vitest coverage...`; the source `docs/about/release-notes.mdx` v0.0.64 section does not.
  • Source-of-truth review needed: Release-note compatibility/fallback claims: The advisor marked localized patch analysis as needs_followup.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The rootfs guard clause is not explicit in `docs/about/release-notes.mdx`, and generated release notes include a source-mismatched release-validation bullet.
  • Root Docker maintenance path does not validate a unique sandbox container (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:51): The sub-agent guidance selects the first container with the sandbox-name label and then runs privileged `docker exec --user root` commands against it. If the sandbox variable is empty, labels are stale, or duplicate matching containers exist, the operator can edit the wrong container or run a privileged maintenance path outside NemoClaw's managed controls.
    • Recommendation: Validate that exactly one running container matches the sandbox label before any root `docker exec`, fail closed on zero or multiple matches, and prefer managed NemoClaw/OpenShell commands where available.
    • Evidence: `SANDBOX_CTR=$(docker ps --filter "label=openshell.ai/sandbox-name=$SANDBOX" --format "{{.Names}}" | sed -n '1p')` chooses the first match, and subsequent commands use `docker exec --user root "$SANDBOX_CTR" ...`.
  • Sub-agent guidance copies credential-bearing config without sensitivity warnings (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:52): The docs copy `/sandbox/.openclaw/openclaw.json` to `/tmp/openclaw.json` and later instruct users to place auxiliary provider credentials in sandbox auth-profile files, but do not warn about restrictive permissions, cleanup, avoiding paste/log exposure, or preferring provider-routed credential delivery when possible.
    • Recommendation: Add explicit handling guidance: treat copied config and auth profiles as secrets, use owner-only files, clean temporary files after upload, do not commit or paste them, and route credentials through OpenShell providers where supported.
    • Evidence: The snippet writes config to `/tmp/openclaw.json`, then the same section describes `/sandbox/.openclaw/agents/<agent-id>/agent/auth-profiles.json` for provider keys.
  • Sub-agent config edit docs can still imply integrity that startup will not enforce (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:65): The updated text says the default mutable state is not tamper-proof, which is an improvement, but the command block still recomputes `.config-hash`, changes both config files to `sandbox:sandbox`, and sets mode `444`. That readonly-looking state can imply hardening even though startup fail-closed enforcement requires the supported root-owned lockdown posture.
    • Recommendation: Either leave the files in the documented mutable posture and explicitly say this is not hardening, or show the supported `nemoclaw <name> shields up` / runtime-controls path immediately after the manual edit. Avoid presenting sandbox-owned read-only files as an integrity-enforced state.
    • Evidence: The snippet runs `chown sandbox:sandbox /sandbox/.openclaw/openclaw.json /sandbox/.openclaw/.config-hash` followed by `chmod 444` on both files.
  • Release-note source summary claims rootfs guard coverage that is not explicit in the release note (docs/about/release-notes.mdx:23): The PR source summary says the release notes add coverage for Docker-driver gateway health and rootfs guard stability. The visible v0.0.64 release-note bullet covers Docker-driver gateway health checks, but does not explicitly mention rootfs or root filesystem guard stability.
    • Recommendation: Either add a short explicit rootfs-guard stability mention to the v0.0.64 release notes or adjust the source summary so acceptance evidence matches the diff.
    • Evidence: `docs/about/release-notes.mdx` says Docker-driver gateway health checks follow the entrypoint path, but the v0.0.64 section has no visible `rootfs`, `root filesystem`, or rootfs-guard wording.
  • Docs-to-skills validation did not catch malformed generated MDX (.agents/skills/nemoclaw-user-configure-inference/SKILL.md:15): The claimed docs-to-skills verification did not prevent a generated skill from checking in with an import after component use and unbalanced variant blocks. That weakens confidence in generated agent-facing docs, especially for security-sensitive inference and sandbox configuration guidance.
    • Recommendation: Add or tighten validation that generated skills have imports before component usage, balanced `AgentOnly` blocks, no generated drift from source docs, and no unsafe root-Docker maintenance snippets without exact-one container validation.
    • Evidence: The generated local-inference skill is malformed while `docs/inference/use-local-inference.mdx` and `skills/nemoclaw-user-configure-inference/SKILL.md` are structurally correct.

🌱 Nice ideas

  • None.
Consider writing more tests for
  • **Runtime validation** — Add a docs-to-skills validation test that fails when a generated skill uses `<AgentOnly>` before importing `AgentOnly`. Runtime behavior is not changed here, but the PR changes generated agent-facing docs for security-sensitive sandbox config editing, policy replay, session export, gateway recovery, and workflow enforcement. Existing validation did not catch generated/source drift.
  • **Runtime validation** — Add a docs-to-skills validation test that fails when generated `AgentOnly` blocks are unbalanced or merge OpenClaw/Hermes-only prerequisites into one variant. Runtime behavior is not changed here, but the PR changes generated agent-facing docs for security-sensitive sandbox config editing, policy replay, session export, gateway recovery, and workflow enforcement. Existing validation did not catch generated/source drift.
  • **Runtime validation** — Add a generated-doc drift test comparing `.agents/skills/nemoclaw-user-configure-inference/SKILL.md` against the structural `AgentOnly` sections in `docs/inference/use-local-inference.mdx`. Runtime behavior is not changed here, but the PR changes generated agent-facing docs for security-sensitive sandbox config editing, policy replay, session export, gateway recovery, and workflow enforcement. Existing validation did not catch generated/source drift.
  • **Runtime validation** — Add a generated-release-notes parity test proving `.agents/skills/nemoclaw-user-overview/references/release-notes.md` contains exactly the v0.0.64 bullets from `docs/about/release-notes.mdx`. Runtime behavior is not changed here, but the PR changes generated agent-facing docs for security-sensitive sandbox config editing, policy replay, session export, gateway recovery, and workflow enforcement. Existing validation did not catch generated/source drift.
  • **Runtime validation** — Add a docs/security lint fixture rejecting Docker-driver maintenance snippets that select `sed -n '1p'` from labeled containers before root `docker exec`, unless the snippet validates exactly one running container. Runtime behavior is not changed here, but the PR changes generated agent-facing docs for security-sensitive sandbox config editing, policy replay, session export, gateway recovery, and workflow enforcement. Existing validation did not catch generated/source drift.
  • **Docs-to-skills validation did not catch malformed generated MDX** — Add or tighten validation that generated skills have imports before component usage, balanced `AgentOnly` blocks, no generated drift from source docs, and no unsafe root-Docker maintenance snippets without exact-one container validation.
  • **Acceptance clause:** Add v0.0.64 release notes from the release announcement and link them to the relevant deeper docs. — add test evidence or identify existing coverage. `docs/about/release-notes.mdx` adds `## v0.0.64` with links to deeper docs, but release-announcement fidelity could not be independently verified from deterministic linked issue/comment context, the rootfs guard summary is not explicit in the source note, and the generated release-notes skill has an extra source-mismatched bullet.
  • **Acceptance clause:** Refresh generated NemoClaw user skills from the current source docs. — add test evidence or identify existing coverage. `.agents/skills/nemoclaw-user-configure-inference/SKILL.md` still diverges structurally from `docs/inference/use-local-inference.mdx` and `skills/nemoclaw-user-configure-inference/SKILL.md`; `.agents/skills/nemoclaw-user-overview/references/release-notes.md` also includes a v0.0.64 bullet not present in `docs/about/release-notes.mdx`.
Since last review details

Current findings:

  • Source-of-truth review needed: .agents/skills/nemoclaw-user-configure-inference/SKILL.md generated skill refresh: The advisor marked localized patch analysis as missing.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: Generated `.agents/skills/nemoclaw-user-configure-inference/SKILL.md` has the import after prerequisites; source MDX/source skill import first and close separate variant blocks.
  • Source-of-truth review needed: .agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md manual config edit guidance: The advisor marked localized patch analysis as needs_followup.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The changed snippet discovers `SANDBOX_CTR` with `docker ps ... | sed -n '1p'` and then runs multiple `docker exec --user root` commands.
  • Source-of-truth review needed: .agents/skills/nemoclaw-user-overview/references/release-notes.md generated release notes: The advisor marked localized patch analysis as missing.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The generated skill includes `Release validation expands live Vitest coverage...`; the source `docs/about/release-notes.mdx` v0.0.64 section does not.
  • Source-of-truth review needed: Release-note compatibility/fallback claims: The advisor marked localized patch analysis as needs_followup.
    • Recommendation: Identify the invalid state, source boundary, source-fix constraint, regression test, and removal condition before merging the localized behavior.
    • Evidence: The rootfs guard clause is not explicit in `docs/about/release-notes.mdx`, and generated release notes include a source-mismatched release-validation bullet.
  • Generated local-inference skill still does not match the source docs (.agents/skills/nemoclaw-user-configure-inference/SKILL.md:15): The PR claims the generated NemoClaw user skills were refreshed from current source docs, but this generated skill remains malformed. The OpenClaw-only block includes the Hermes prerequisite, the block is not closed before normal content, and the `AgentOnly` import appears after first use. That can break skill rendering and deliver the wrong variant-specific prerequisites to agents.
    • Recommendation: Regenerate or manually fix this generated skill so the import appears before component usage and the OpenClaw and Hermes prerequisite blocks are separate and balanced, matching `docs/inference/use-local-inference.mdx` and `skills/nemoclaw-user-configure-inference/SKILL.md`.
    • Evidence: The generated file opens `<AgentOnly variant="openclaw">`, includes both OpenClaw and Hermes prerequisite bullets, then continues into normal content before `import { AgentOnly } from "../_components/AgentGuide";`. The source MDX and source skill keep the import near the top and close separate OpenClaw/Hermes blocks.
  • Generated release-notes skill contains content not present in the source release note (.agents/skills/nemoclaw-user-overview/references/release-notes.md:17): The generated `.agents` release-notes reference includes a v0.0.64 release-validation bullet that is not present in `docs/about/release-notes.mdx`. If `.agents` is generated from source docs, this contradicts the PR's generated-skill refresh claim.
    • Recommendation: Regenerate the skill from the current source or update the source release note intentionally so generated and source v0.0.64 bullets match exactly.
    • Evidence: `.agents/skills/nemoclaw-user-overview/references/release-notes.md` includes `Release validation expands live Vitest coverage...`; `docs/about/release-notes.mdx` v0.0.64 ends after the messaging setup bullet.
  • Root Docker maintenance path does not validate a unique sandbox container (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:51): The sub-agent guidance selects the first container with the sandbox-name label and then runs privileged `docker exec --user root` commands against it. If the sandbox variable is empty, labels are stale, or duplicate matching containers exist, the operator can edit the wrong container or run a privileged maintenance path outside NemoClaw's managed controls.
    • Recommendation: Validate that exactly one running container matches the sandbox label before any root `docker exec`, fail closed on zero or multiple matches, and prefer managed NemoClaw/OpenShell commands where available.
    • Evidence: `SANDBOX_CTR=$(docker ps --filter "label=openshell.ai/sandbox-name=$SANDBOX" --format "{{.Names}}" | sed -n '1p')` chooses the first match, and subsequent commands use `docker exec --user root "$SANDBOX_CTR" ...`.
  • Sub-agent guidance copies credential-bearing config without sensitivity warnings (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:52): The docs copy `/sandbox/.openclaw/openclaw.json` to `/tmp/openclaw.json` and later instruct users to place auxiliary provider credentials in sandbox auth-profile files, but do not warn about restrictive permissions, cleanup, avoiding paste/log exposure, or preferring provider-routed credential delivery when possible.
    • Recommendation: Add explicit handling guidance: treat copied config and auth profiles as secrets, use owner-only files, clean temporary files after upload, do not commit or paste them, and route credentials through OpenShell providers where supported.
    • Evidence: The snippet writes config to `/tmp/openclaw.json`, then the same section describes `/sandbox/.openclaw/agents/<agent-id>/agent/auth-profiles.json` for provider keys.
  • Sub-agent config edit docs can still imply integrity that startup will not enforce (.agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md:65): The updated text says the default mutable state is not tamper-proof, which is an improvement, but the command block still recomputes `.config-hash`, changes both config files to `sandbox:sandbox`, and sets mode `444`. That readonly-looking state can imply hardening even though startup fail-closed enforcement requires the supported root-owned lockdown posture.
    • Recommendation: Either leave the files in the documented mutable posture and explicitly say this is not hardening, or show the supported `nemoclaw <name> shields up` / runtime-controls path immediately after the manual edit. Avoid presenting sandbox-owned read-only files as an integrity-enforced state.
    • Evidence: The snippet runs `chown sandbox:sandbox /sandbox/.openclaw/openclaw.json /sandbox/.openclaw/.config-hash` followed by `chmod 444` on both files.
  • Release-note source summary claims rootfs guard coverage that is not explicit in the release note (docs/about/release-notes.mdx:23): The PR source summary says the release notes add coverage for Docker-driver gateway health and rootfs guard stability. The visible v0.0.64 release-note bullet covers Docker-driver gateway health checks, but does not explicitly mention rootfs or root filesystem guard stability.
    • Recommendation: Either add a short explicit rootfs-guard stability mention to the v0.0.64 release notes or adjust the source summary so acceptance evidence matches the diff.
    • Evidence: `docs/about/release-notes.mdx` says Docker-driver gateway health checks follow the entrypoint path, but the v0.0.64 section has no visible `rootfs`, `root filesystem`, or rootfs-guard wording.
  • Docs-to-skills validation did not catch malformed generated MDX (.agents/skills/nemoclaw-user-configure-inference/SKILL.md:15): The claimed docs-to-skills verification did not prevent a generated skill from checking in with an import after component use and unbalanced variant blocks. That weakens confidence in generated agent-facing docs, especially for security-sensitive inference and sandbox configuration guidance.
    • Recommendation: Add or tighten validation that generated skills have imports before component usage, balanced `AgentOnly` blocks, no generated drift from source docs, and no unsafe root-Docker maintenance snippets without exact-one container validation.
    • Evidence: The generated local-inference skill is malformed while `docs/inference/use-local-inference.mdx` and `skills/nemoclaw-user-configure-inference/SKILL.md` are structurally correct.

Workflow run details

This is an automated advisory review. A human maintainer must make the final merge decision.
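The exact-one-container check and the owner-only temporary copy that the advisor recommends, sketched in shell as an added example (not code from the PR or from NemoClaw's docs). The label key and config path are the ones quoted in the findings; the function names, exit codes, and reading the config with `cat` over `docker exec` are assumptions.

```shell
#!/bin/sh
# Added example: fail closed before any root `docker exec` against a sandbox.
# Label key and config path are quoted from the review findings; function
# names, exit codes and the use of `cat` to read the config are assumptions.

# resolve_sandbox_container NAME
# Prints the container name only when exactly one running container carries
# the sandbox label. Returns 2 on bad input or docker failure, 1 on 0 or >1 matches.
resolve_sandbox_container() {
  rsc_sandbox="$1"
  # An empty name must never reach the label filter.
  if [ -z "$rsc_sandbox" ]; then
    echo "refusing: sandbox name is empty" >&2
    return 2
  fi
  # `docker ps` lists running containers only, one name per line.
  if ! rsc_names=$(docker ps \
      --filter "label=openshell.ai/sandbox-name=$rsc_sandbox" \
      --format '{{.Names}}'); then
    echo "refusing: docker ps failed" >&2
    return 2
  fi
  # Count non-empty lines instead of taking the first one.
  rsc_count=$(printf '%s\n' "$rsc_names" | awk 'NF { n++ } END { print n + 0 }')
  if [ "$rsc_count" -ne 1 ]; then
    echo "refusing: $rsc_count running containers match '$rsc_sandbox', need exactly 1" >&2
    return 1
  fi
  printf '%s\n' "$rsc_names"
}

# sandbox_root_exec NAME CMD [ARGS...]
# Runs CMD as root in the sandbox container, but only after the lookup passes.
sandbox_root_exec() {
  if [ "$#" -lt 2 ]; then
    echo "usage: sandbox_root_exec NAME CMD [ARGS...]" >&2
    return 2
  fi
  sre_sandbox="$1"
  shift
  sre_ctr=$(resolve_sandbox_container "$sre_sandbox") || return $?
  docker exec --user root "$sre_ctr" "$@"
}

# export_sandbox_config NAME
# Copies the sandbox config to an owner-only temp file (mode 600, random name)
# instead of a fixed /tmp/openclaw.json, and prints the path. The caller
# removes the file when done, for example: trap 'rm -f "$cfg"' EXIT
export_sandbox_config() {
  esc_ctr=$(resolve_sandbox_container "$1") || return $?
  esc_tmp=$(umask 077 && mktemp "${TMPDIR:-/tmp}/openclaw.XXXXXX") || return 2
  if ! docker exec --user root "$esc_ctr" \
      cat /sandbox/.openclaw/openclaw.json > "$esc_tmp"; then
    rm -f "$esc_tmp"
    echo "refusing: could not read config from $esc_ctr" >&2
    return 2
  fi
  printf '%s\n' "$esc_tmp"
}
```
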

@coderabbitai coderabbitai Bot left a comment

Contributor

🧹 Nitpick comments (5)
docs/about/release-notes.mdx (4)

22-22: ⚡ Quick win

Split sentences onto separate lines and use active voice.

This line violates the style guide in two ways:

  1. Multiple sentences on one line (the main statement ends at "sandbox." and then "For more information..." starts). The guide requires one sentence per line for diff readability.
  2. Passive voice: "presets applied with" should use active voice. Since the commands are policy-add, use "presets you add with" to match the command name and maintain active voice.
📝 Suggested rewrite
-- Snapshot restore preserves custom policy presets applied with `policy-add --from-file` or `policy-add --from-dir`, so restored sandboxes keep the custom egress rules that were recorded with the source sandbox. For more information, refer to [Backup and Restore](../manage-sandboxes/backup-restore) and [Customize the Network Policy](../network-policy/customize-network-policy).
+- Snapshot restore preserves custom policy presets you add with `policy-add --from-file` or `policy-add --from-dir`, so restored sandboxes keep the custom egress rules that were recorded with the source sandbox.
+For more information, refer to [Backup and Restore](../manage-sandboxes/backup-restore) and [Customize the Network Policy](../network-policy/customize-network-policy).
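
Review bot: The first `+` line still ends with the passive clause "that were recorded with the source sandbox", so the rewrite fixes "applied with" but leaves a construction the same active-voice rule would flag. Consider an active form for that clause as well, for example "the custom egress rules the source sandbox recorded", if that matches how the presets are stored.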

As per coding guidelines: "One sentence per line in source (makes diffs readable). Flag paragraphs where multiple sentences appear on the same line." and "Active voice required. Flag passive constructions."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/about/release-notes.mdx` at line 22, Split the single-line paragraph
into two lines (one sentence per line) and change the passive phrasing to active
voice: reword the first sentence to say that snapshot restore preserves custom
policy presets you add with the commands `policy-add --from-file` or `policy-add
--from-dir` (refer to that exact command text), and place the second sentence
"Restored sandboxes keep the custom egress rules that were recorded with the
source sandbox." on its own line; keep the existing links to Backup and Restore
and Customize the Network Policy unchanged.

Source: Coding guidelines


25-25: ⚡ Quick win

Split sentences onto separate lines.

This line has multiple sentences on one line, violating the style guide's requirement for one sentence per line.

📝 Suggested rewrite
-- Messaging setup refreshes stale render plans during rebuild, recovers replaced OpenClaw scope-upgrade approvals, and preinstalls Hermes WhatsApp bridge dependencies when the upstream lockfile is present. For more information, refer to [Messaging Channels](../manage-sandboxes/messaging-channels).
+- Messaging setup refreshes stale render plans during rebuild, recovers replaced OpenClaw scope-upgrade approvals, and preinstalls Hermes WhatsApp bridge dependencies when the upstream lockfile is present.
+For more information, refer to [Messaging Channels](../manage-sandboxes/messaging-channels).

As per coding guidelines: "One sentence per line in source (makes diffs readable). Flag paragraphs where multiple sentences appear on the same line."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/about/release-notes.mdx` at line 25, The line containing "Messaging
setup refreshes stale render plans during rebuild, recovers replaced OpenClaw
scope-upgrade approvals, and preinstalls Hermes WhatsApp bridge dependencies
when the upstream lockfile is present. For more information, refer to [Messaging
Channels](../manage-sandboxes/messaging-channels)." has multiple sentences on
one line; split it so each sentence is on its own line (e.g., one line for the
first sentence about Messaging setup behavior and a separate line for the "For
more information..." sentence), preserving the link and punctuation exactly.

Source: Coding guidelines


24-24: ⚡ Quick win

Split sentences onto separate lines.

This line has multiple sentences on one line, violating the style guide's requirement for one sentence per line.

📝 Suggested rewrite
-- Inference routes choose chat completions for providers that do not expose `/v1/responses`, including NVIDIA Endpoints, NVIDIA NIM, and Gemini-compatible routes. NemoClaw also adds a targeted Nemotron Ultra 550B compatibility fix for tool-less requests. For more information, refer to [NemoClaw Inference Options](../inference/inference-options).
+- Inference routes choose chat completions for providers that do not expose `/v1/responses`, including NVIDIA Endpoints, NVIDIA NIM, and Gemini-compatible routes.
+NemoClaw also adds a targeted Nemotron Ultra 550B compatibility fix for tool-less requests.
+For more information, refer to [NemoClaw Inference Options](../inference/inference-options).
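
Review bot: The second and third `+` lines start at column 0 directly under a `- ` bullet, so they belong to the list item only through Markdown's lazy paragraph continuation. Indent both by two spaces to align with the bullet text, so a blank line inserted later cannot detach the "For more information" link from its item.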

As per coding guidelines: "One sentence per line in source (makes diffs readable). Flag paragraphs where multiple sentences appear on the same line."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/about/release-notes.mdx` at line 24, The release-notes paragraph
currently contains multiple sentences on one line (the line starting "Inference
routes choose chat completions for providers that do not expose `/v1/responses`,
including NVIDIA Endpoints, NVIDIA NIM, and Gemini-compatible routes. NemoClaw
also adds a targeted Nemotron Ultra 550B compatibility fix for tool-less
requests. For more information, refer to [NemoClaw Inference
Options](../inference/inference-options)."); split this into three separate
lines so each sentence is on its own line: one line for the inference routes
sentence, one for the NemoClaw compatibility sentence, and one for the "For more
information..." sentence, preserving the link and punctuation.

Source: Coding guidelines


23-23: ⚡ Quick win

Split sentences onto separate lines and use active voice.

This line has the same two style guide violations:

  1. Multiple sentences on one line.
  2. Passive voice: "keeps Brave Search pinned to" should be the active "pins Brave Search to".

📝 Suggested rewrite
-- OpenClaw onboarding keeps Brave Search pinned to the NemoClaw-managed runtime and preserves the `BRAVE_API_KEY` placeholder through build doctor. Docker-driver gateway health checks now follow the entrypoint path that actually launches the in-container gateway, which avoids misleading health reports on host-gateway setups. For more information, refer to [NemoClaw CLI Commands Reference](../reference/commands).
+- OpenClaw onboarding pins Brave Search to the NemoClaw-managed runtime and preserves the `BRAVE_API_KEY` placeholder through build doctor.
+Docker-driver gateway health checks now follow the entrypoint path that actually launches the in-container gateway, which avoids misleading health reports on host-gateway setups.
+For more information, refer to [NemoClaw CLI Commands Reference](../reference/commands).
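
Review bot: Replacing "keeps Brave Search pinned to" with "pins Brave Search to" on the first `+` line shifts the meaning from preserving an existing pin to setting one, which is more than a voice fix in a release note. Confirm the new wording against the onboarding behaviour before accepting it, or keep the original verb, which is already active.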

As per coding guidelines: "One sentence per line in source (makes diffs readable)." and "Active voice required. Flag passive constructions."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/about/release-notes.mdx` at line 23, Edit the sentence that begins
"OpenClaw onboarding keeps Brave Search pinned to..." to use active voice and
split sentences onto separate lines: change "keeps Brave Search pinned to" to
"pins Brave Search to" and write that as its own line preserving the
`BRAVE_API_KEY` placeholder, then put the Docker-driver gateway health check
sentence on a separate line (you can keep the current wording "Docker-driver
gateway health checks now follow the entrypoint path that actually launches the
in-container gateway, avoiding misleading health reports on host-gateway
setups."). Ensure each sentence is on its own line and uses active voice.

Source: Coding guidelines

.agents/skills/nemoclaw-user-reference/references/troubleshooting.md (1)

372-377: ⚡ Quick win

Use $$nemoclaw in alias-agnostic examples.

These new generic snippets are shared across the OpenClaw and Hermes docs, so hard-coding nemoclaw makes the generated Hermes pages render the wrong command name. Please switch the recovery example in troubleshooting.md and the new sessions export, download, and upload examples in commands.md to $$nemoclaw. As per coding guidelines, alias-agnostic command examples should use the build-time placeholder.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.agents/skills/nemoclaw-user-reference/references/troubleshooting.md around
lines 372 - 377, Replace hard-coded command examples using "nemoclaw" with the
build-time alias placeholder "$$nemoclaw": update the two lines in
troubleshooting.md that show "nemoclaw onboard --resume" and "nemoclaw <name>
connect" to use "$$nemoclaw", and similarly change the new examples for
"sessions export", "sessions download", and "sessions upload" in commands.md to
use "$$nemoclaw" instead of "nemoclaw" so examples are alias-agnostic; search
for the literal strings "nemoclaw onboard --resume", "nemoclaw <name> connect",
and the three sessions example snippets to locate and replace them.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.agents/skills/nemoclaw-user-reference/references/troubleshooting.md:
- Around line 372-377: Replace hard-coded command examples using "nemoclaw" with
the build-time alias placeholder "$$nemoclaw": update the two lines in
troubleshooting.md that show "nemoclaw onboard --resume" and "nemoclaw <name>
connect" to use "$$nemoclaw", and similarly change the new examples for
"sessions export", "sessions download", and "sessions upload" in commands.md to
use "$$nemoclaw" instead of "nemoclaw" so examples are alias-agnostic; search
for the literal strings "nemoclaw onboard --resume", "nemoclaw <name> connect",
and the three sessions example snippets to locate and replace them.

In `@docs/about/release-notes.mdx`:
- Line 22: Split the single-line paragraph into two lines (one sentence per
line) and change the passive phrasing to active voice: reword the first sentence
to say that snapshot restore preserves custom policy presets you add with the
commands `policy-add --from-file` or `policy-add --from-dir` (refer to that
exact command text), and place the second sentence "Restored sandboxes keep the
custom egress rules that were recorded with the source sandbox." on its own
line; keep the existing links to Backup and Restore and Customize the Network
Policy unchanged.
- Line 25: The line containing "Messaging setup refreshes stale render plans
during rebuild, recovers replaced OpenClaw scope-upgrade approvals, and
preinstalls Hermes WhatsApp bridge dependencies when the upstream lockfile is
present. For more information, refer to [Messaging
Channels](../manage-sandboxes/messaging-channels)." has multiple sentences on
one line; split it so each sentence is on its own line (e.g., one line for the
first sentence about Messaging setup behavior and a separate line for the "For
more information..." sentence), preserving the link and punctuation exactly.
- Line 24: The release-notes paragraph currently contains multiple sentences on
one line (the line starting "Inference routes choose chat completions for
providers that do not expose `/v1/responses`, including NVIDIA Endpoints, NVIDIA
NIM, and Gemini-compatible routes. NemoClaw also adds a targeted Nemotron Ultra
550B compatibility fix for tool-less requests. For more information, refer to
[NemoClaw Inference Options](../inference/inference-options)."); split this into
three separate lines so each sentence is on its own line: one line for the
inference routes sentence, one for the NemoClaw compatibility sentence, and one
for the "For more information..." sentence, preserving the link and punctuation.
- Line 23: Edit the sentence that begins "OpenClaw onboarding keeps Brave Search
pinned to..." to use active voice and split sentences onto separate lines:
change "keeps Brave Search pinned to" to "pins Brave Search to" and write that
as its own line preserving the `BRAVE_API_KEY` placeholder, then put the
Docker-driver gateway health check sentence on a separate line (you can keep the
current wording "Docker-driver gateway health checks now follow the entrypoint
path that actually launches the in-container gateway, avoiding misleading health
reports on host-gateway setups."). Ensure each sentence is on its own line and
uses active voice.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 930eee41-572f-4585-a5a2-4036c44f6885

📥 Commits

Reviewing files that changed from the base of the PR and between 0e30bff and 0d91ce6.

📒 Files selected for processing (17)
  • .agents/skills/nemoclaw-user-configure-inference/SKILL.md
  • .agents/skills/nemoclaw-user-configure-inference/references/set-up-sub-agent.md
  • .agents/skills/nemoclaw-user-deploy-remote/SKILL.md
  • .agents/skills/nemoclaw-user-manage-policy/SKILL.md
  • .agents/skills/nemoclaw-user-manage-policy/references/integration-policy-examples.md
  • .agents/skills/nemoclaw-user-manage-sandboxes/references/backup-restore.md
  • .agents/skills/nemoclaw-user-overview/references/ecosystem-hermes.md
  • .agents/skills/nemoclaw-user-overview/references/ecosystem.md
  • .agents/skills/nemoclaw-user-overview/references/overview.md
  • .agents/skills/nemoclaw-user-overview/references/release-notes.md
  • .agents/skills/nemoclaw-user-reference/references/commands.md
  • .agents/skills/nemoclaw-user-reference/references/troubleshooting.md
  • docs/about/release-notes.mdx
  • docs/manage-sandboxes/backup-restore.mdx
  • docs/network-policy/customize-network-policy.mdx
  • docs/reference/commands-nemohermes.mdx
  • docs/reference/commands.mdx

@cv cv enabled auto-merge (squash) June 12, 2026 19:00

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/pr.yaml:
- Around line 60-64: The CI workflow step "Install docs-only check dependencies"
now uses a multi-line run string, but test/pr-workflow-contract.test.ts still
asserts equality against a single-line value; update the assertion for
docsOnlyInstall in test/pr-workflow-contract.test.ts to use .toContain("npm
install --ignore-scripts") instead of .toBe(...), and optionally add a second
assertion to assert it contains "cd nemoclaw && npm install --ignore-scripts" so
the test accepts the multi-line run block from the workflow.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 40e1232a-ed2d-4717-86e0-31028ff741da

📥 Commits

Reviewing files that changed from the base of the PR and between 4e0cc13 and 78329ed.

📒 Files selected for processing (1)
  • .github/workflows/pr.yaml

Comment thread .github/workflows/pr.yaml Outdated
@cv cv merged commit ea5c423 into main Jun 12, 2026
42 of 43 checks passed
@cv cv deleted the docs/v0.0.64-release-refresh branch June 12, 2026 19:52