diff --git a/.agents/skills/nemoclaw-user-manage-policy/evals/evals.json b/.agents/skills/nemoclaw-user-manage-policy/evals/evals.json index 5df648b748..26bb32a8fd 100644 --- a/.agents/skills/nemoclaw-user-manage-policy/evals/evals.json +++ b/.agents/skills/nemoclaw-user-manage-policy/evals/evals.json @@ -3,126 +3,54 @@ "id": "docs-network-policy-customize-network-policy-001", "question": "I'm customizing sandbox network policy. Help me allow the agent to reach a required external service so I can enable the integration while preserving least privilege.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user allow the agent to reach a required external service and gives enough concrete guidance, decision criteria, verification steps, or risk framing to enable the integration while preserving least privilege.", - "expected_behavior": [ - "The output directly addresses the user's situation: customizing sandbox network policy.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user allow the agent to reach a required external service with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to enable the integration while preserving least privilege.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user allow the agent to reach a required external service and gives enough concrete guidance, decision criteria, verification steps, or risk framing to enable the integration while preserving least privilege." }, { "id": "docs-network-policy-customize-network-policy-002", "question": "I'm writing an egress rule. Help me specify the minimum necessary host, port, and protocol so I can avoid opening broader access than the agent needs.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user specify the minimum necessary host, port, and protocol and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid opening broader access than the agent needs.", - "expected_behavior": [ - "The output directly addresses the user's situation: writing an egress rule.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user specify the minimum necessary host, port, and protocol with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to avoid opening broader access than the agent needs.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user specify the minimum necessary host, port, and protocol and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid opening broader access than the agent needs." }, { "id": "docs-network-policy-customize-network-policy-003", "question": "I'm validating a policy change. Help me test that the intended integration works and unrelated egress remains blocked so I can ship a safer policy update.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user test that the intended integration works and unrelated egress remains blocked and gives enough concrete guidance, decision criteria, verification steps, or risk framing to ship a safer policy update.", - "expected_behavior": [ - "The output directly addresses the user's situation: validating a policy change.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user test that the intended integration works and unrelated egress remains blocked with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to ship a safer policy update.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user test that the intended integration works and unrelated egress remains blocked and gives enough concrete guidance, decision criteria, verification steps, or risk framing to ship a safer policy update." }, { "id": "docs-network-policy-approve-network-requests-001", "question": "I'm reviewing a blocked network request. Help me understand why the agent wants to reach that endpoint so I can approve only requests that support the current job.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user understand why the agent wants to reach that endpoint and gives enough concrete guidance, decision criteria, verification steps, or risk framing to approve only requests that support the current job.", - "expected_behavior": [ - "The output directly addresses the user's situation: reviewing a blocked network request.", - "The AI coding assistant loads the expected_skill and references/approve-network-requests.md", - "The output helps the user understand why the agent wants to reach that endpoint with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to approve only requests that support the current job.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/approve-network-requests.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand why the agent wants to reach that endpoint and gives enough concrete guidance, decision criteria, verification steps, or risk framing to approve only requests that support the current job." }, { "id": "docs-network-policy-approve-network-requests-002", "question": "I'm using the approval UI. Help me spot unexpected or prompt-injection-driven egress so I can deny suspicious access before it becomes policy.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user spot unexpected or prompt-injection-driven egress and gives enough concrete guidance, decision criteria, verification steps, or risk framing to deny suspicious access before it becomes policy.", - "expected_behavior": [ - "The output directly addresses the user's situation: using the approval UI.", - "The AI coding assistant loads the expected_skill and references/approve-network-requests.md", - "The output helps the user spot unexpected or prompt-injection-driven egress with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to deny suspicious access before it becomes policy.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/approve-network-requests.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user spot unexpected or prompt-injection-driven egress and gives enough concrete guidance, decision criteria, verification steps, or risk framing to deny suspicious access before it becomes policy." }, { "id": "docs-network-policy-approve-network-requests-003", "question": "I'm after approving or denying a request. Help me understand audit, rollback, and policy update behavior so I can keep operator decisions traceable.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user understand audit, rollback, and policy update behavior and gives enough concrete guidance, decision criteria, verification steps, or risk framing to keep operator decisions traceable.", - "expected_behavior": [ - "The output directly addresses the user's situation: after approving or denying a request.", - "The AI coding assistant loads the expected_skill and references/approve-network-requests.md", - "The output helps the user understand audit, rollback, and policy update behavior with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to keep operator decisions traceable.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/approve-network-requests.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand audit, rollback, and policy update behavior and gives enough concrete guidance, decision criteria, verification steps, or risk framing to keep operator decisions traceable." }, { "id": "docs-network-policy-integration-policy-examples-001", "question": "I'm following an integration policy example. Help me enable a common third-party workflow quickly so I can avoid writing a policy from scratch.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user enable a common third-party workflow quickly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid writing a policy from scratch.", - "expected_behavior": [ - "The output directly addresses the user's situation: following an integration policy example.", - "The AI coding assistant loads the expected_skill and references/integration-policy-examples.md", - "The output helps the user enable a common third-party workflow quickly with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to avoid writing a policy from scratch.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/integration-policy-examples.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user enable a common third-party workflow quickly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid writing a policy from scratch." }, { "id": "docs-network-policy-integration-policy-examples-002", "question": "I'm adapting an example to my organization. Help me replace sample hosts and ports with exact production endpoints so I can create a policy that matches our real integration.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user replace sample hosts and ports with exact production endpoints and gives enough concrete guidance, decision criteria, verification steps, or risk framing to create a policy that matches our real integration.", - "expected_behavior": [ - "The output directly addresses the user's situation: adapting an example to my organization.", - "The AI coding assistant loads the expected_skill and references/integration-policy-examples.md", - "The output helps the user replace sample hosts and ports with exact production endpoints with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to create a policy that matches our real integration.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/integration-policy-examples.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user replace sample hosts and ports with exact production endpoints and gives enough concrete guidance, decision criteria, verification steps, or risk framing to create a policy that matches our real integration." }, { "id": "docs-network-policy-integration-policy-examples-003", "question": "I'm copying an example into a stricter environment. Help me identify broad rules or assumptions that need tightening so I can avoid weakening production egress controls.", "expected_skill": "nemoclaw-user-manage-policy", - "ground_truth": "A NemoClaw-specific answer that helps the user identify broad rules or assumptions that need tightening and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid weakening production egress controls.", - "expected_behavior": [ - "The output directly addresses the user's situation: copying an example into a stricter environment.", - "The AI coding assistant loads the expected_skill and references/integration-policy-examples.md", - "The output helps the user identify broad rules or assumptions that need tightening with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to avoid weakening production egress controls.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/integration-policy-examples.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user identify broad rules or assumptions that need tightening and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid weakening production egress controls." } ] diff --git a/.agents/skills/nemoclaw-user-manage-sandboxes/evals/evals.json b/.agents/skills/nemoclaw-user-manage-sandboxes/evals/evals.json index 891606460e..ff6af55509 100644 --- a/.agents/skills/nemoclaw-user-manage-sandboxes/evals/evals.json +++ b/.agents/skills/nemoclaw-user-manage-sandboxes/evals/evals.json @@ -3,210 +3,90 @@ "id": "docs-manage-sandboxes-lifecycle-001", "question": "I'm managing a NemoClaw sandbox. Help me check status, health, logs, ports, providers, upgrades, and uninstall paths so I can operate the sandbox safely after quickstart.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user check status, health, logs, ports, providers, upgrades, and uninstall paths and gives enough concrete guidance, decision criteria, verification steps, or risk framing to operate the sandbox safely after quickstart.", - "expected_behavior": [ - "The output directly addresses the user's situation: managing a NemoClaw sandbox.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user check status, health, logs, ports, providers, upgrades, and uninstall paths with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to operate the sandbox safely after quickstart.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user check status, health, logs, ports, providers, upgrades, and uninstall paths and gives enough concrete guidance, decision criteria, verification steps, or risk framing to operate the sandbox safely after quickstart." }, { "id": "docs-manage-sandboxes-lifecycle-002", "question": "I'm choosing a lifecycle command. Help me understand which commands inspect, restart, rebuild, or destroy state so I can avoid accidental data loss.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user understand which commands inspect, restart, rebuild, or destroy state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid accidental data loss.", - "expected_behavior": [ - "The output directly addresses the user's situation: choosing a lifecycle command.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user understand which commands inspect, restart, rebuild, or destroy state with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to avoid accidental data loss.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand which commands inspect, restart, rebuild, or destroy state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid accidental data loss." }, { "id": "docs-manage-sandboxes-lifecycle-003", "question": "I'm planning an upgrade, rebuild, or uninstall. Help me know when to preserve workspace files first so I can recover useful agent state after disruptive changes.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user know when to preserve workspace files first and gives enough concrete guidance, decision criteria, verification steps, or risk framing to recover useful agent state after disruptive changes.", - "expected_behavior": [ - "The output directly addresses the user's situation: planning an upgrade, rebuild, or uninstall.", - "The AI coding assistant loads the expected_skill and SKILL.md", - "The output helps the user know when to preserve workspace files first with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to recover useful agent state after disruptive changes.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the SKILL.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user know when to preserve workspace files first and gives enough concrete guidance, decision criteria, verification steps, or risk framing to recover useful agent state after disruptive changes." }, { "id": "docs-manage-sandboxes-runtime-controls-001", "question": "I'm changing a running sandbox. Help me know which controls can change without rebuild or re-onboarding so I can make safe adjustments with minimal downtime.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user know which controls can change without rebuild or re-onboarding and gives enough concrete guidance, decision criteria, verification steps, or risk framing to make safe adjustments with minimal downtime.", - "expected_behavior": [ - "The output directly addresses the user's situation: changing a running sandbox.", - "The AI coding assistant loads the expected_skill and references/runtime-controls.md", - "The output helps the user know which controls can change without rebuild or re-onboarding with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to make safe adjustments with minimal downtime.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/runtime-controls.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user know which controls can change without rebuild or re-onboarding and gives enough concrete guidance, decision criteria, verification steps, or risk framing to make safe adjustments with minimal downtime." }, { "id": "docs-manage-sandboxes-runtime-controls-002", "question": "I'm reviewing a runtime control. Help me classify it as hot-reloadable, rebuild-only, or onboarding-only so I can choose the correct operational path.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user classify it as hot-reloadable, rebuild-only, or onboarding-only and gives enough concrete guidance, decision criteria, verification steps, or risk framing to choose the correct operational path.", - "expected_behavior": [ - "The output directly addresses the user's situation: reviewing a runtime control.", - "The AI coding assistant loads the expected_skill and references/runtime-controls.md", - "The output helps the user classify it as hot-reloadable, rebuild-only, or onboarding-only with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to choose the correct operational path.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/runtime-controls.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user classify it as hot-reloadable, rebuild-only, or onboarding-only and gives enough concrete guidance, decision criteria, verification steps, or risk framing to choose the correct operational path." }, { "id": "docs-manage-sandboxes-runtime-controls-003", "question": "I'm responding to an incident or risky agent behavior. Help me use `shields up`, `shields down`, and `shields status` correctly so I can tighten or inspect controls without confusion.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user use `shields up`, `shields down`, and `shields status` correctly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to tighten or inspect controls without confusion.", - "expected_behavior": [ - "The output directly addresses the user's situation: responding to an incident or risky agent behavior.", - "The AI coding assistant loads the expected_skill and references/runtime-controls.md", - "The output helps the user use `shields up`, `shields down`, and `shields status` correctly with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to tighten or inspect controls without confusion.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/runtime-controls.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user use `shields up`, `shields down`, and `shields status` correctly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to tighten or inspect controls without confusion." }, { "id": "docs-manage-sandboxes-backup-restore-001", "question": "I'm backing up workspace files before a destructive operation. Help me preserve agent memory, identity, and useful configuration so I can rebuild or migrate without losing important state.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user preserve agent memory, identity, and useful configuration and gives enough concrete guidance, decision criteria, verification steps, or risk framing to rebuild or migrate without losing important state.", - "expected_behavior": [ - "The output directly addresses the user's situation: backing up workspace files before a destructive operation.", - "The AI coding assistant loads the expected_skill and references/backup-restore.md", - "The output helps the user preserve agent memory, identity, and useful configuration with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to rebuild or migrate without losing important state.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/backup-restore.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user preserve agent memory, identity, and useful configuration and gives enough concrete guidance, decision criteria, verification steps, or risk framing to rebuild or migrate without losing important state." }, { "id": "docs-manage-sandboxes-backup-restore-002", "question": "I'm handling a workspace archive. Help me understand credential stripping and integrity checks so I can trust the archive without exposing secrets.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user understand credential stripping and integrity checks and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the archive without exposing secrets.", - "expected_behavior": [ - "The output directly addresses the user's situation: handling a workspace archive.", - "The AI coding assistant loads the expected_skill and references/backup-restore.md", - "The output helps the user understand credential stripping and integrity checks with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to trust the archive without exposing secrets.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/backup-restore.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand credential stripping and integrity checks and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the archive without exposing secrets." }, { "id": "docs-manage-sandboxes-backup-restore-003", "question": "I'm restoring workspace files. Help me verify the agent's useful memory returned so I can continue work without reintroducing sensitive host data.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user verify the agent's useful memory returned and gives enough concrete guidance, decision criteria, verification steps, or risk framing to continue work without reintroducing sensitive host data.", - "expected_behavior": [ - "The output directly addresses the user's situation: restoring workspace files.", - "The AI coding assistant loads the expected_skill and references/backup-restore.md", - "The output helps the user verify the agent's useful memory returned with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to continue work without reintroducing sensitive host data.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/backup-restore.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user verify the agent's useful memory returned and gives enough concrete guidance, decision criteria, verification steps, or risk framing to continue work without reintroducing sensitive host data." }, { "id": "docs-manage-sandboxes-workspace-files-001", "question": "I'm inspecting workspace files. Help me understand where personality, identity, and configuration live so I can predict how the agent will behave across sessions.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user understand where personality, identity, and configuration live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to predict how the agent will behave across sessions.", - "expected_behavior": [ - "The output directly addresses the user's situation: inspecting workspace files.", - "The AI coding assistant loads the expected_skill and references/workspace-files.md", - "The output helps the user understand where personality, identity, and configuration live with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to predict how the agent will behave across sessions.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/workspace-files.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand where personality, identity, and configuration live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to predict how the agent will behave across sessions." }, { "id": "docs-manage-sandboxes-workspace-files-002", "question": "I'm adding durable instructions for the agent. Help me know which files persist and who owns them so I can put guidance in the right place.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user know which files persist and who owns them and gives enough concrete guidance, decision criteria, verification steps, or risk framing to put guidance in the right place.", - "expected_behavior": [ - "The output directly addresses the user's situation: adding durable instructions for the agent.", - "The AI coding assistant loads the expected_skill and references/workspace-files.md", - "The output helps the user know which files persist and who owns them with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to put guidance in the right place.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/workspace-files.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user know which files persist and who owns them and gives enough concrete guidance, decision criteria, verification steps, or risk framing to put guidance in the right place." }, { "id": "docs-manage-sandboxes-workspace-files-003", "question": "I'm restarting, rebuilding, or migrating a sandbox. Help me understand how each action affects workspace state so I can avoid losing or duplicating important files.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user understand how each action affects workspace state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid losing or duplicating important files.", - "expected_behavior": [ - "The output directly addresses the user's situation: restarting, rebuilding, or migrating a sandbox.", - "The AI coding assistant loads the expected_skill and references/workspace-files.md", - "The output helps the user understand how each action affects workspace state with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to avoid losing or duplicating important files.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/workspace-files.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand how each action affects workspace state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid losing or duplicating important files." }, { "id": "docs-manage-sandboxes-messaging-channels-001", "question": "I'm connecting a messaging channel. Help me let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel so I can support real-world always-on interactions.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel and gives enough concrete guidance, decision criteria, verification steps, or risk framing to support real-world always-on interactions.", - "expected_behavior": [ - "The output directly addresses the user's situation: connecting a messaging channel.", - "The AI coding assistant loads the expected_skill and references/messaging-channels.md", - "The output helps the user let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to support real-world always-on interactions.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/messaging-channels.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel and gives enough concrete guidance, decision criteria, verification steps, or risk framing to support real-world always-on interactions." }, { "id": "docs-manage-sandboxes-messaging-channels-002", "question": "I'm configuring channel credentials and processes. Help me understand what OpenShell supervises and where secrets live so I can trust the messaging integration operationally.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user understand what OpenShell supervises and where secrets live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the messaging integration operationally.", - "expected_behavior": [ - "The output directly addresses the user's situation: configuring channel credentials and processes.", - "The AI coding assistant loads the expected_skill and references/messaging-channels.md", - "The output helps the user understand what OpenShell supervises and where secrets live with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to trust the messaging integration operationally.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/messaging-channels.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user understand what OpenShell supervises and where secrets live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the messaging integration operationally." }, { "id": "docs-manage-sandboxes-messaging-channels-003", "question": "I'm testing a new messaging channel. Help me send and receive a message through the full path so I can prove the channel, gateway, and sandboxed agent are wired correctly.", "expected_skill": "nemoclaw-user-manage-sandboxes", - "ground_truth": "A NemoClaw-specific answer that helps the user send and receive a message through the full path and gives enough concrete guidance, decision criteria, verification steps, or risk framing to prove the channel, gateway, and sandboxed agent are wired correctly.", - "expected_behavior": [ - "The output directly addresses the user's situation: testing a new messaging channel.", - "The AI coding assistant loads the expected_skill and references/messaging-channels.md", - "The output helps the user send and receive a message through the full path with NemoClaw-specific guidance rather than generic advice.", - "The output gives enough concrete guidance, decision criteria, verification steps, or risk framing for the user to prove the channel, gateway, and sandboxed agent are wired correctly.", - "The output avoids inventing unsupported NemoClaw behavior.", - "The output follows progressive disclosure: it answers the current request without dumping unrelated details other than the expected_skill and the references/messaging-channels.md file." - ] + "ground_truth": "A NemoClaw-specific answer that helps the user send and receive a message through the full path and gives enough concrete guidance, decision criteria, verification steps, or risk framing to prove the channel, gateway, and sandboxed agent are wired correctly." } ] diff --git a/skills/nemoclaw-user-manage-policy/BENCHMARK.md b/skills/nemoclaw-user-manage-policy/BENCHMARK.md new file mode 100644 index 0000000000..f34553dca9 --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/BENCHMARK.md @@ -0,0 +1,67 @@ +# Evaluation Report + +Evaluation of the `nemoclaw-user-manage-policy` skill before publication through NVSkills-Eval. + +This benchmark summarizes 3-Tier Evaluation from NVSkills-Eval results for the skill. The goal is to document whether the skill is safe, discoverable, effective, and useful for agents before it is published for broader workflow use. + +## Evaluation Summary + +- Skill: `nemoclaw-user-manage-policy` +- Evaluation date: 2026-05-28 +- NVSkills-Eval profile: `external` +- Overall verdict: FAIL +- Tier 3 live agent evaluation: not available in this report + +## Agents Used + +- Tier 3 agent details were not available in this report. + +## Metrics Used + +Reported benchmark dimensions: + +- Security: checks whether skill-assisted execution avoids unsafe behavior such as secret leakage, destructive commands, or unauthorized access. +- Correctness: checks whether the agent follows the expected workflow and produces the correct final output. +- Discoverability: checks whether the agent loads the skill when relevant and avoids using it when irrelevant. +- Effectiveness: checks whether the agent performs measurably better with the skill than without it. +- Efficiency: checks whether the agent uses fewer tokens and avoids redundant work. + +Underlying evaluation signals used in this run: + +- No Tier 3 evaluation signal details were available in this report. + +## Test Tasks + +Tier 3 evaluation task details were not available in this report. + +## Results + +Tier 3 dimension rollup was not available in this report. + +## Tier 1: Static Validation Summary + +Tier 1 validation passed with observations. NVSkills-Eval ran 9 checks and found 10 total findings. + +Top findings: + +- MEDIUM QUALITY/quality_correctness: SKILL_SPEC recommended field missing: 'metadata.author' (`skills/nemoclaw-user-manage-policy/SKILL.md`) +- MEDIUM QUALITY/quality_correctness: SKILL_SPEC recommended field missing: 'metadata.tags' (`skills/nemoclaw-user-manage-policy/SKILL.md`) +- MEDIUM QUALITY/quality_efficiency: Deeply nested references in integration-policy-examples.md (`skills/nemoclaw-user-manage-policy/SKILL.md`) +- MEDIUM SCHEMA/body_recommended_section: Missing recommended section: '## Instructions' (`skills/nemoclaw-user-manage-policy/SKILL.md`) +- MEDIUM SCHEMA/body_recommended_section: Missing recommended section: '## Examples' (`skills/nemoclaw-user-manage-policy/SKILL.md`) + +## Tier 2: Deduplication Summary + +Tier 2 validation reported findings. NVSkills-Eval ran 2 checks and found 1 total findings. + +Top findings: + +- HIGH DUPLICATE/duplicate: Duplicate content found across SKILL.md and references/approve-network-requests.md and references/customize-network-policy-details.md and references/integration-policy-examples.md: + "(preamble)" in SKILL.md (lines 1-3) + vs "(preamble)" in references/approve-network-requests.md (lines 1-2) + vs "(preamble)" in references/customize-network-policy-details.md (lines 1-2) + vs "(preamble)" in references/integration-policy-examples.md (lines 1-2) (`SKILL.md:1`) + +## Publication Recommendation + +The skill should be reviewed before NVSkills-Eval publication. Skill owners should address the findings above and rerun NVSkills-Eval to refresh this benchmark. diff --git a/skills/nemoclaw-user-manage-policy/SKILL.md b/skills/nemoclaw-user-manage-policy/SKILL.md new file mode 100644 index 0000000000..298c672588 --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/SKILL.md @@ -0,0 +1,296 @@ +--- +name: "nemoclaw-user-manage-policy" +description: "Adds, removes, or modifies allowed endpoints in the sandbox policy. Use when customizing network policy, changing egress rules, or configuring sandbox endpoint access. Trigger keywords - customize nemoclaw network policy, sandbox egress policy configuration, nemoclaw integration policy examples, post-install policy setup, openshell approval workflow, policy preset, nemoclaw approve network requests, sandbox egress approval tui." +license: "Apache-2.0" +--- + + + + +# Customize the Sandbox Network Policy + +## Gotchas + +- Custom preset hosts bypass NemoClaw's review process and can widen sandbox egress to arbitrary destinations. + +## Prerequisites + +- A running NemoClaw sandbox for dynamic changes, or the NemoClaw source repository for static changes. +- The OpenShell CLI on your `PATH`. + +Add, remove, or modify the endpoints that the sandbox is allowed to reach. + +The sandbox policy is defined in a declarative YAML file in the NemoClaw repository and enforced at runtime by [NVIDIA OpenShell](https://github.com/NVIDIA/OpenShell). +NemoClaw supports both static policy changes that persist across restarts and dynamic updates applied to a running sandbox through the OpenShell CLI. + +**Note:** + +If the sandbox needs to reach an HTTP service running on the host, expose the service on a host IP that the OpenShell gateway can reach. +Apply a custom NemoClaw preset with `nemoclaw policy-add --from-file`. +Do not rely on `host.docker.internal` as a general host-service path because it bypasses the OpenShell policy path and may not be reachable in every sandbox runtime. +See Agent cannot reach a host-side HTTP service (use the `nemoclaw-user-reference` skill). + +## Static Changes + +Static changes modify the baseline policy file and take effect after the next sandbox creation. + +### Edit the Policy File + +Open `nemoclaw-blueprint/policies/openclaw-sandbox.yaml` and add or modify endpoint entries. + +If you want a built-in preset to be part of the baseline policy, merge its `network_policies` entries into this file and re-run `nemoclaw onboard`. + +If you only need to apply a preset to a running sandbox, use `nemoclaw policy-add` under [Dynamic Changes](#dynamic-changes). +That updates the live policy and does not edit `openclaw-sandbox.yaml`. + +Use a manual YAML edit when you need to allow custom hosts that are not covered by a preset, such as an internal API or a weather service. + +Each entry in the `network` section defines an endpoint group with the following fields: + +`endpoints` +: Host and port pairs that the sandbox can reach. + +`binaries` +: Executables allowed to use this endpoint. + +`rules` +: HTTP methods and paths that are permitted. + +### Re-Run Onboard + +Apply the updated policy by re-running the onboard wizard: + +```console +$ nemoclaw onboard +``` + +The wizard picks up the modified policy file and applies it to the sandbox. + +### Verify the Policy + +Check that the sandbox is running with the updated policy: + +```console +$ nemoclaw status +``` + +### Add Blueprint Policy Additions + +If you maintain a custom blueprint, you can add extra policy entries under `components.policy.additions` in `nemoclaw-blueprint/blueprint.yaml`. +NemoClaw validates those entries with the same policy schema used by preset files, fetches the live policy during sandbox creation, merges the additions into `network_policies`, and applies the merged policy through OpenShell. +The applied additions are recorded in the run metadata so you can audit which blueprint-level policy entries were active for that sandbox run. + +## Dynamic Changes + +Dynamic changes apply a policy update to a running sandbox without restarting it. + +> [!WARNING] +> `openshell policy set` **replaces** the sandbox's live policy with the contents of the file you provide; it does not merge. +> A running sandbox's live policy is the baseline from `openclaw-sandbox.yaml` plus every preset that was layered on during onboarding. +> Applying a file that contains only the baseline (or only a single preset) silently drops every other preset that was in effect. + +### Option 1: Drop a Preset File and Use `policy-add` (Recommended) + +This is the non-destructive path and the only flow NemoClaw supports out of the box for merging new entries into a running policy. + +1. Create a preset-format YAML file under `nemoclaw-blueprint/policies/presets/`, for example `nemoclaw-blueprint/policies/presets/influxdb.yaml`: + + ```yaml + preset: + name: influxdb + description: "InfluxDB time-series database" + network_policies: + influxdb: + name: influxdb + endpoints: + - host: influxdb.internal.example.com + port: 8086 + protocol: rest + enforcement: enforce + rules: + - allow: { method: GET, path: "/**" } + - allow: { method: POST, path: "/api/v2/write" } + binaries: + - { path: /usr/bin/curl } + ``` + +2. Apply it to the running sandbox: + + ```console + $ nemoclaw my-assistant policy-add + ``` + + NemoClaw reads the live policy via `openshell policy get --full`, structurally merges your preset's `network_policies` into it, and writes the merged result back. + Existing presets and the baseline remain in place. + The preset file under `presets/` also persists across sandbox recreations. + +### Option 2: Snapshot, Edit, and Set via OpenShell + +Use this path only when you cannot add a file under the NemoClaw source tree. +You must start from the **live** policy, not from `openclaw-sandbox.yaml`, so the presets layered on at onboarding are preserved in the file you apply. + +```console +$ openshell policy get --full my-assistant > live-policy.yaml +``` + +Edit `live-policy.yaml` to add your entries under `network_policies:`, keeping the existing `version` field intact, then apply: + +```console +$ openshell policy set --policy live-policy.yaml my-assistant +``` + +### Scope of Dynamic Changes + +Dynamic changes apply only to the current session. +When the sandbox stops, the running policy resets to the baseline composed from `openclaw-sandbox.yaml` plus the presets recorded for the sandbox. +To make a custom policy survive a sandbox recreation, ship the preset file in the repository (Option 1 above — the file under `presets/` persists) or edit `openclaw-sandbox.yaml` and re-run `nemoclaw onboard`. + +### Approve Requests Interactively + +For one-off access, you can approve blocked requests in the OpenShell TUI instead of editing the baseline policy: + +```console +$ openshell term +``` + +This is useful when you want to test a destination before deciding whether it belongs in a permanent preset or custom policy file. + +## Policy Presets + +NemoClaw ships preset policy files for common integrations in `nemoclaw-blueprint/policies/presets/`. +Apply a preset as-is or use it as a starting template for a custom policy. +For guided post-install examples, see [Common Integration Policy Examples](references/integration-policy-examples.md). + +During onboarding, the policy tier (use the `nemoclaw-user-reference` skill) you select determines which presets are enabled by default. +You can add or remove individual presets in the interactive preset screen that follows tier selection. + +Available presets: + +| Preset | Endpoints | +|--------|-----------| +| `brave` | Brave Search API | +| `brew` | Homebrew (Linuxbrew) package manager | +| `discord` | Discord API, gateway, and CDN access | +| `github` | GitHub and GitHub REST API | +| `huggingface` | Hugging Face Hub (download-only) and inference router | +| `jira` | Atlassian Jira API | +| `local-inference` | Local Ollama and vLLM through the host gateway | +| `npm` | npm and Yarn registries | +| `openclaw-pricing` | OpenClaw model-pricing reference fetch (LiteLLM and OpenRouter) | +| `outlook` | Microsoft 365 and Outlook | +| `pypi` | Python Package Index | +| `slack` | Slack API and webhooks | +| `telegram` | Telegram Bot API | +| `wechat` | WeChat (personal) iLink Bot API (experimental) | +| `whatsapp` | WhatsApp Web messaging (experimental) | + +To apply a preset to a running sandbox: + +```console +$ nemoclaw policy-add +``` + +**Note:** + +Preset selection is interactive when you omit a preset name. +Pass a preset name with `--yes` for scripted workflows. + +For example, to interactively add PyPI access to a running sandbox: + +```console +$ nemoclaw my-assistant policy-add +``` + +To list which presets are applied to a sandbox: + +```console +$ nemoclaw policy-list +``` + +To include a preset in the baseline, merge its entries into `openclaw-sandbox.yaml` and re-run `nemoclaw onboard`. + +**Note:** + +The `openshell policy set --policy ` command operates on raw policy files and does not +accept the `preset:` metadata block used in preset YAML files. Use `nemoclaw policy-add` for +presets. + +For scripted workflows, `policy-add` and `policy-remove` accept the preset name as a positional argument: + +```console +$ nemoclaw my-assistant policy-add pypi --yes +$ nemoclaw my-assistant policy-remove pypi --yes +``` + +Set `NEMOCLAW_NON_INTERACTIVE=1` instead of `--yes` to drive the same flow from an environment variable. +See Commands (use the `nemoclaw-user-reference` skill) for the full flag reference. + +`nemoclaw rebuild` reapplies every policy preset to the recreated sandbox, so presets survive an agent-version upgrade without manual reapplication. + +## Custom Preset Files + +Apply a user-authored preset YAML to a running sandbox without editing the baseline or dropping to `openshell policy set`. + +### Authoring + +A custom preset follows the same shape as the built-in ones under `nemoclaw-blueprint/policies/presets/`: + +```yaml +preset: + name: my-internal-api + description: "Internal service" +network_policies: + my-internal-api: + name: my-internal-api + endpoints: + - host: api.example.internal + port: 443 + protocol: rest + enforcement: enforce + rules: + - allow: { method: GET, path: "/**" } + binaries: + - { path: /usr/local/bin/node } +``` + +The top-level `preset.name` must be a lowercase RFC 1123 label (letters, digits, hyphens) and must not collide with a built-in preset name such as `slack` or `pypi`. +Rename `preset.name` if NemoClaw refuses to apply the file because of a collision. + +### Apply a Single File + +```console +$ nemoclaw my-assistant policy-add --from-file ./presets/my-internal-api.yaml +``` + +Preview the endpoints without applying with `--dry-run`, and skip the confirmation prompt with `--yes` or by exporting `NEMOCLAW_NON_INTERACTIVE=1`. + +### Apply Every File in a Directory + +```console +$ nemoclaw my-assistant policy-add --from-dir ./presets/ --yes +``` + +Files are processed in lexicographic order. +Processing stops at the first failure; presets already applied are not rolled back. +Fix the failing file and re-run the command to continue. + +**Warning:** + +Custom preset hosts bypass NemoClaw's review process and can widen sandbox egress to arbitrary destinations. +Review every host in a custom preset before applying it, especially when the file originates outside your team. + +Load [references/customize-network-policy-details.md](references/customize-network-policy-details.md) for detailed steps on Remove a Custom Preset. + +## References + +- **[references/integration-policy-examples.md](references/integration-policy-examples.md)** — Guides users through common post-install integration policy setup for maintained NemoClaw policy presets, including Outlook, messaging channels, GitHub, Jira, Brave Search, package managers, Hugging Face, local inference, and OpenShell approval workflows. +- **Load [references/approve-network-requests.md](references/approve-network-requests.md)** when approving or denying sandbox egress requests, managing blocked network calls, or using the approval TUI. Reviews and approves blocked agent network requests in the TUI. +- **Load [references/customize-network-policy-details.md](references/customize-network-policy-details.md)** when you need detailed steps for Remove a Custom Preset. + +## Related Skills + +- [Approve or Deny Agent Network Requests](references/approve-network-requests.md) for real-time operator approval. +- [Common Integration Policy Examples](references/integration-policy-examples.md) for maintained preset examples such as Outlook, messaging, GitHub, Jira, Brave Search, package managers, Hugging Face, and local inference. +- `nemoclaw-user-reference` — Network Policies (use the `nemoclaw-user-reference` skill) for the full baseline policy reference +- OpenShell [Policy Schema](https://docs.nvidia.com/openshell/latest/reference/policy-schema.html) for the full YAML policy schema reference. +- OpenShell [Sandbox Policies](https://docs.nvidia.com/openshell/latest/sandboxes/policies.html) for applying, iterating, and debugging policies at the OpenShell layer. diff --git a/skills/nemoclaw-user-manage-policy/evals/evals.json b/skills/nemoclaw-user-manage-policy/evals/evals.json new file mode 100644 index 0000000000..26bb32a8fd --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/evals/evals.json @@ -0,0 +1,56 @@ +[ + { + "id": "docs-network-policy-customize-network-policy-001", + "question": "I'm customizing sandbox network policy. Help me allow the agent to reach a required external service so I can enable the integration while preserving least privilege.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user allow the agent to reach a required external service and gives enough concrete guidance, decision criteria, verification steps, or risk framing to enable the integration while preserving least privilege." + }, + { + "id": "docs-network-policy-customize-network-policy-002", + "question": "I'm writing an egress rule. Help me specify the minimum necessary host, port, and protocol so I can avoid opening broader access than the agent needs.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user specify the minimum necessary host, port, and protocol and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid opening broader access than the agent needs." + }, + { + "id": "docs-network-policy-customize-network-policy-003", + "question": "I'm validating a policy change. Help me test that the intended integration works and unrelated egress remains blocked so I can ship a safer policy update.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user test that the intended integration works and unrelated egress remains blocked and gives enough concrete guidance, decision criteria, verification steps, or risk framing to ship a safer policy update." + }, + { + "id": "docs-network-policy-approve-network-requests-001", + "question": "I'm reviewing a blocked network request. Help me understand why the agent wants to reach that endpoint so I can approve only requests that support the current job.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user understand why the agent wants to reach that endpoint and gives enough concrete guidance, decision criteria, verification steps, or risk framing to approve only requests that support the current job." + }, + { + "id": "docs-network-policy-approve-network-requests-002", + "question": "I'm using the approval UI. Help me spot unexpected or prompt-injection-driven egress so I can deny suspicious access before it becomes policy.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user spot unexpected or prompt-injection-driven egress and gives enough concrete guidance, decision criteria, verification steps, or risk framing to deny suspicious access before it becomes policy." + }, + { + "id": "docs-network-policy-approve-network-requests-003", + "question": "I'm after approving or denying a request. Help me understand audit, rollback, and policy update behavior so I can keep operator decisions traceable.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user understand audit, rollback, and policy update behavior and gives enough concrete guidance, decision criteria, verification steps, or risk framing to keep operator decisions traceable." + }, + { + "id": "docs-network-policy-integration-policy-examples-001", + "question": "I'm following an integration policy example. Help me enable a common third-party workflow quickly so I can avoid writing a policy from scratch.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user enable a common third-party workflow quickly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid writing a policy from scratch." + }, + { + "id": "docs-network-policy-integration-policy-examples-002", + "question": "I'm adapting an example to my organization. Help me replace sample hosts and ports with exact production endpoints so I can create a policy that matches our real integration.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user replace sample hosts and ports with exact production endpoints and gives enough concrete guidance, decision criteria, verification steps, or risk framing to create a policy that matches our real integration." + }, + { + "id": "docs-network-policy-integration-policy-examples-003", + "question": "I'm copying an example into a stricter environment. Help me identify broad rules or assumptions that need tightening so I can avoid weakening production egress controls.", + "expected_skill": "nemoclaw-user-manage-policy", + "ground_truth": "A NemoClaw-specific answer that helps the user identify broad rules or assumptions that need tightening and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid weakening production egress controls." + } +] diff --git a/skills/nemoclaw-user-manage-policy/references/approve-network-requests.md b/skills/nemoclaw-user-manage-policy/references/approve-network-requests.md new file mode 100644 index 0000000000..bb1e73d494 --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/references/approve-network-requests.md @@ -0,0 +1,64 @@ + + +# Approve or Deny Agent Network Requests + +Review and act on network requests that the agent makes to endpoints not listed in the sandbox policy. +OpenShell intercepts these requests and presents them in the TUI for operator approval. + +## Prerequisites + +- A running NemoClaw sandbox. +- The OpenShell CLI on your `PATH`. + +## Open the TUI + +Start the OpenShell terminal UI to monitor sandbox activity: + +```console +$ openshell term +``` + +For a remote sandbox, pass the instance name: + +```console +$ ssh my-gpu-box 'cd ~/nemoclaw && . .env && openshell term' +``` + +The TUI displays the sandbox state, active inference provider, and a live feed of network activity. + +## Trigger a Blocked Request + +When the agent attempts to reach an endpoint that is not in the baseline policy, OpenShell blocks the connection and displays the request in the TUI. +The blocked request includes the following details: + +- **Host and port** of the destination. +- **Binary** that initiated the request. +- **HTTP method** and path, if available. + +## Approve or Deny the Request + +The TUI presents an approval prompt for each blocked request. + +- **Approve** the request to add the endpoint to the running policy for the current session. +- **Deny** the request to keep the endpoint blocked. + +Approved endpoints remain in the running policy until the sandbox stops. +They are not persisted to the baseline policy file. +To keep an endpoint allowed after a restart, update the policy YAML or apply a preset as described in [Customize the Sandbox Network Policy](../SKILL.md). + +## Run the Walkthrough + +From the NemoClaw repository root, run the walkthrough script after you have onboarded at least one sandbox and it is reachable: + +```console +$ ./scripts/walkthrough.sh +``` + +This script opens a split tmux session with the TUI on the left and the agent on the right. +The walkthrough requires tmux and the `NVIDIA_API_KEY` environment variable, and it assumes an existing sandbox to attach to. + +## Related Topics + +- [Customize the Sandbox Network Policy](../SKILL.md) to add endpoints permanently. +- Network Policies (use the `nemoclaw-user-reference` skill) for the full baseline policy reference. +- Monitor Sandbox Activity (use the `nemoclaw-user-monitor-sandbox` skill) for general sandbox monitoring. diff --git a/skills/nemoclaw-user-manage-policy/references/customize-network-policy-details.md b/skills/nemoclaw-user-manage-policy/references/customize-network-policy-details.md new file mode 100644 index 0000000000..224829b964 --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/references/customize-network-policy-details.md @@ -0,0 +1,13 @@ + + +# Customize the Sandbox Network Policy: Details + +## Remove a Custom Preset + +Custom presets applied with `--from-file` or `--from-dir` are recorded in the NemoClaw sandbox registry alongside their full YAML content, so they can be removed by name — the original file does not need to be kept on disk: + +```console +$ nemoclaw my-assistant policy-remove my-internal-api --yes +``` + +`policy-remove` accepts both built-in and custom preset names. Run `nemoclaw policy-list` to see every preset currently applied to the sandbox. diff --git a/skills/nemoclaw-user-manage-policy/references/integration-policy-examples.md b/skills/nemoclaw-user-manage-policy/references/integration-policy-examples.md new file mode 100644 index 0000000000..db1c12d1db --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/references/integration-policy-examples.md @@ -0,0 +1,336 @@ + + +# Common NemoClaw Integration Policy Examples + +Use these examples when a sandbox is already installed and an integration needs network access. +This page covers only integrations that NemoClaw currently ships as maintained policy preset YAML under `nemoclaw-blueprint/policies/presets/`. +Integration setup usually has two separate parts: + +- Configure the integration itself, such as a bot token, OAuth credential, or agent plugin setting. +- Allow the sandbox to reach the integration's network endpoints through NemoClaw and OpenShell policy. + +Prefer NemoClaw commands for policy changes that should be tracked with the sandbox. +Use OpenShell directly when you need to inspect blocked requests or approve a one-off request in the TUI. + +## Before You Start + +Replace `my-assistant` with your sandbox name in the examples. + +Check the current policy state first: + +```console +$ nemoclaw my-assistant policy-list +``` + +For a live view of blocked requests, open the OpenShell TUI in a separate host terminal: + +```console +$ openshell term +``` + +When the agent reaches an endpoint that is not in policy, the TUI shows the host, port, requesting binary, method, and path when available. +Approve a request only when you understand why the integration needs it. +An approval updates the running policy, but it does not create a NemoClaw preset entry that can be reviewed and replayed like `policy-add`. + +## Supported Integration Presets + +NemoClaw ships maintained policy presets for common services in `nemoclaw-blueprint/policies/presets/`. + +| Workflow | Preset | +|----------|--------| +| Brave Search | `brave` | +| Homebrew packages | `brew` | +| Discord messaging | `discord` | +| GitHub and GitHub API | `github` | +| Hugging Face Hub and Inference API | `huggingface` | +| Jira and Atlassian Cloud | `jira` | +| Local Ollama or vLLM through the host gateway | `local-inference` | +| OpenClaw model-pricing reference fetch | `openclaw-pricing` | +| npm and Yarn packages | `npm` | +| Microsoft 365, Outlook, and Graph API | `outlook` | +| Python Package Index | `pypi` | +| Slack messaging | `slack` | +| Telegram Bot API | `telegram` | +| WeChat (personal) iLink Bot API (experimental) | `wechat` | +| WhatsApp Web messaging (experimental) | `whatsapp` | + +Preview the endpoints before applying: + +```console +$ nemoclaw my-assistant policy-add outlook --dry-run +``` + +Apply the preset: + +```console +$ nemoclaw my-assistant policy-add outlook --yes +``` + +Remove it later if the sandbox no longer needs that access: + +```console +$ nemoclaw my-assistant policy-remove outlook --yes +``` + +## Email and Calendar With Microsoft 365 + +Use the `outlook` preset for Microsoft 365 email and calendar workflows that use Microsoft Graph or Outlook endpoints. +The preset allows `graph.microsoft.com`, Microsoft login, and Outlook service endpoints. + +```console +$ nemoclaw my-assistant policy-add outlook --dry-run +$ nemoclaw my-assistant policy-add outlook --yes +``` + +Then configure the email or calendar tool credentials through the integration you are running in the sandbox. +Keep OAuth client secrets and refresh tokens out of policy files. + +If the tool still fails, run `openshell term`, trigger the workflow again, and inspect the blocked request. +If the blocked endpoint is not covered by the maintained `outlook` preset, treat it as a separate policy review instead of assuming it is part of the supported preset. + +## Telegram Bot Messaging + +Telegram needs both channel configuration and egress policy. +If you already enabled Telegram during onboarding but did not include the preset, add it to the running sandbox: + +```console +$ nemoclaw my-assistant policy-add telegram --yes +``` + +To add Telegram after onboarding, set the token on the host, add the channel, rebuild so the image picks up the channel config, and make sure the policy preset is applied: + +```console +$ export TELEGRAM_BOT_TOKEN= +$ NEMOCLAW_NON_INTERACTIVE=1 nemoclaw my-assistant channels add telegram +$ nemoclaw my-assistant rebuild +$ nemoclaw my-assistant policy-add telegram --yes +``` + +If delivery fails, open the TUI and send a test message to the bot: + +```console +$ openshell term +``` + +The matching preset for each supported messaging channel is the channel name (`telegram`, `discord`, `slack`, `wechat`, or `whatsapp`). + +## Slack or Discord Messaging + +Slack and Discord also need both channel configuration and egress policy. +Use the matching policy preset after you configure the channel credentials. + +For Slack: + +```console +$ export SLACK_BOT_TOKEN= +$ export SLACK_APP_TOKEN= +$ NEMOCLAW_NON_INTERACTIVE=1 nemoclaw my-assistant channels add slack +$ nemoclaw my-assistant rebuild +$ nemoclaw my-assistant policy-add slack --yes +``` + +For Discord: + +```console +$ export DISCORD_BOT_TOKEN= +$ export DISCORD_SERVER_ID= +$ NEMOCLAW_NON_INTERACTIVE=1 nemoclaw my-assistant channels add discord +$ nemoclaw my-assistant rebuild +$ nemoclaw my-assistant policy-add discord --yes +``` + +If you enabled Slack or Discord during onboarding, apply only the matching preset: + +```console +$ nemoclaw my-assistant policy-add slack --yes +$ nemoclaw my-assistant policy-add discord --yes +``` + +## WeChat or WhatsApp Messaging (Experimental) + +WeChat and WhatsApp are experimental. +Both rely on QR-based pairing flows that are more fragile than token-based bots, and the upstream client libraries can change behavior without notice. + +WeChat uses Tencent's iLink Bot API for personal accounts. +The bot token is captured by a host-side QR scan during onboarding rather than pasted from a developer portal. +Add the channel interactively and apply the preset: + +```console +$ nemoclaw my-assistant channels add wechat +$ nemoclaw my-assistant rebuild +$ nemoclaw my-assistant policy-add wechat --yes +``` + +WhatsApp Web pairs entirely inside the sandbox via QR scan, so `channels add` does not collect a host-side token. +Apply the preset and complete the in-sandbox pairing after the rebuild: + +```console +$ NEMOCLAW_NON_INTERACTIVE=1 nemoclaw my-assistant channels add whatsapp +$ nemoclaw my-assistant rebuild +$ nemoclaw my-assistant policy-add whatsapp --yes +``` + +If you enabled WeChat or WhatsApp during onboarding, apply only the matching preset: + +```console +$ nemoclaw my-assistant policy-add wechat --yes +$ nemoclaw my-assistant policy-add whatsapp --yes +``` + +## GitHub and Jira + +Use `github` when the agent needs GitHub API or Git access. +Use `jira` when the agent needs Atlassian Jira access. + +Preview first: + +```console +$ nemoclaw my-assistant policy-add github --dry-run +$ nemoclaw my-assistant policy-add jira --dry-run +``` + +Apply the preset that matches the workflow: + +```console +$ nemoclaw my-assistant policy-add github --yes +$ nemoclaw my-assistant policy-add jira --yes +``` + +The `jira` preset intentionally allows Node.js access to Atlassian Cloud and does not allow `curl`. +When validating it manually, avoid plain `curl -s` against `auth.atlassian.com`. +Atlassian can return an empty redirect body even when the request succeeds. +Use an explicit status probe instead: + +```console +$ node -e "require('https').get('https://api.atlassian.com', r => console.log(r.statusCode))" +$ curl -sS -o /dev/null -w '%{http_code}' --max-time 10 https://auth.atlassian.com +``` + +Before approval, the curl probe should report `000` or a local policy denial. +After approving the blocked request in OpenShell, it should report an HTTP +status such as `301` or `200`. + +Remove access when the task is done: + +```console +$ nemoclaw my-assistant policy-remove github --yes +$ nemoclaw my-assistant policy-remove jira --yes +``` + +## Brave Search + +The default Balanced policy tier includes `brave`. +If you chose Restricted during onboarding or removed the preset later, add it before enabling Brave Search workflows: + +```console +$ nemoclaw my-assistant policy-add brave --dry-run +$ nemoclaw my-assistant policy-add brave --yes +``` + +The Brave Search API key is still configured separately during onboarding or through the web search setup flow. + +## Package and Model Tooling + +Use these presets when an agent workflow installs packages or downloads model assets: + +| Workflow | Preset | +|----------|--------| +| npm or Yarn packages | `npm` | +| Python packages from PyPI | `pypi` | +| Homebrew packages | `brew` | +| Hugging Face model or dataset access | `huggingface` | + +Add only the preset required for the task: + +```console +$ nemoclaw my-assistant policy-add npm --yes +$ nemoclaw my-assistant policy-add pypi --yes +$ nemoclaw my-assistant policy-add brew --yes +$ nemoclaw my-assistant policy-add huggingface --yes +``` + +Remove package access after a one-time setup task if the sandbox no longer needs it: + +```console +$ nemoclaw my-assistant policy-remove npm --yes +$ nemoclaw my-assistant policy-remove pypi --yes +$ nemoclaw my-assistant policy-remove brew --yes +$ nemoclaw my-assistant policy-remove huggingface --yes +``` + +### Homebrew Specifics + +The sandbox base image includes Homebrew (Linuxbrew), so applying the `brew` preset is the only step needed before installing a formula. +A `/usr/local/bin/brew` symlink puts the entry point on the sandbox `PATH`, so the agent can run `brew install ` directly: + +```console +$ nemoclaw my-assistant policy-add brew --yes +$ nemoclaw my-assistant exec -- brew install +``` + +You do not need to bootstrap Homebrew, install build dependencies, or source `brew shellenv` inside the sandbox. + +## Model Pricing + +OpenClaw's gateway fetches reference pricing from LiteLLM and OpenRouter on every start so it can populate `usage.cost` in session JSONL records. +The default-strict egress policy denies both hosts. +The fetch fails closed, the gateway logs `[gateway/model-pricing] LiteLLM pricing fetch failed: TypeError: fetch failed` (and the matching OpenRouter line) on every startup, and every session record records `usage.cost = 0` even though the input and output token counts populate correctly. +Tools that read the session log to display per-turn cost (audit dashboards, compliance review surfaces) cannot distinguish a real free run from this silent failure. + +Apply the `openclaw-pricing` preset to allow both pricing endpoints. +The preset pins each host to a single read-only path so it does not widen egress beyond the pricing fetch: + +```console +$ nemoclaw my-assistant policy-add openclaw-pricing --dry-run +$ nemoclaw my-assistant policy-add openclaw-pricing --yes +``` + +After the next gateway restart the WARN entries stop and `usage.cost` populates from the fetched pricing tables. + +## Local Inference + +Use `local-inference` when the sandbox needs access to host-side local inference services such as Ollama or vLLM through the OpenShell host gateway. +Onboarding auto-suggests this preset when you choose a local provider. +If you need to add it after onboarding: + +```console +$ nemoclaw my-assistant policy-add local-inference --dry-run +$ nemoclaw my-assistant policy-add local-inference --yes +``` + +Then verify the sandbox status: + +```console +$ nemoclaw my-assistant status +``` + +## Inspect or Replace the Live Policy + +Use `policy-list` for normal preset state: + +```console +$ nemoclaw my-assistant policy-list +``` + +Use OpenShell when you need the full enforced YAML: + +```console +$ openshell policy get --full my-assistant > live-policy.yaml +``` + +If you must replace the live policy, edit the full policy file and set it back: + +```console +$ openshell policy set --policy live-policy.yaml my-assistant --wait +``` + +`openshell policy set` replaces the live policy with the file you provide. +It does not accept a preset file that starts with a `preset:` block, and it does not merge a single endpoint into the existing policy. +Use `nemoclaw my-assistant policy-add` for maintained NemoClaw presets. + +## Next Steps + +- [Approve or Deny Agent Network Requests](approve-network-requests.md) for the interactive OpenShell TUI flow. +- [Customize the Sandbox Network Policy](../SKILL.md) for static policy edits and raw OpenShell policy files. +- Messaging Channels (use the `nemoclaw-user-manage-sandboxes` skill) for Telegram, Discord, Slack, WeChat, and WhatsApp channel configuration. +- Commands (use the `nemoclaw-user-reference` skill) for the full `policy-add`, `policy-list`, `policy-remove`, and `channels` command reference. diff --git a/skills/nemoclaw-user-manage-policy/skill-card.md b/skills/nemoclaw-user-manage-policy/skill-card.md new file mode 100644 index 0000000000..863bd5133b --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/skill-card.md @@ -0,0 +1,55 @@ +## Description:
+Adds, removes, or modifies allowed endpoints in the sandbox policy.
+ +This skill is ready for commercial/non-commercial use.
+ +## Owner +NVIDIA
+ +### License/Terms of Use:
+Apache 2.0
+## Use Case:
+Developers and operators who need to customize, add, or remove allowed network endpoints in a NemoClaw-managed sandbox policy for OpenClaw assistants.
+ +### Deployment Geography for Use:
+Global
+ +## Known Risks and Mitigations:
+Risk: Review before execution as proposals could introduce incorrect or misleading guidance into skills.
+Mitigation: Review and scan skill before deployment.
+ +## Reference(s):
+- [Integration Policy Examples](references/integration-policy-examples.md)
+- [Approve Network Requests](references/approve-network-requests.md)
+- [Customize Network Policy Details](references/customize-network-policy-details.md)
+- [OpenShell Policy Schema](https://docs.nvidia.com/openshell/latest/reference/policy-schema.html)
+- [OpenShell Sandbox Policies](https://docs.nvidia.com/openshell/latest/sandboxes/policies.html)
+ + +## Skill Output:
+**Output Type(s):** [Shell commands, Configuration instructions]
+**Output Format:** [Markdown with inline bash code blocks]
+**Output Parameters:** [1D]
+**Other Properties Related to Output:** [None]
+ +## Evaluation Tasks:
+NVSkills-Eval 3-Tier Evaluation (profile: external). Tier 1 static validation ran 9 checks with 10 findings; Tier 2 deduplication ran 2 checks with 1 finding. Tier 3 live agent evaluation not available.
+ +## Evaluation Metrics Used:
+Reported benchmark dimensions:
+- Security: Checks whether skill-assisted execution avoids unsafe behavior such as secret leakage, destructive commands, or unauthorized access.
+- Correctness: Checks whether the agent follows the expected workflow and produces the correct final output.
+- Discoverability: Checks whether the agent loads the skill when relevant and avoids using it when irrelevant.
+- Effectiveness: Checks whether the agent performs measurably better with the skill than without it.
+- Efficiency: Checks whether the agent uses fewer tokens and avoids redundant work.
+ + + +## Skill Version(s):
+0.1.0 (source: package.json, pyproject.toml)
+ +## Ethical Considerations:
+NVIDIA believes Trustworthy AI is a shared responsibility and we have established policies and practices to enable development for a wide array of AI applications. When downloaded or used in accordance with our terms of service, developers should work with their internal team to ensure this skill meets requirements for the relevant industry and use case and addresses unforeseen product misuse.
+ +(For Release on NVIDIA Platforms Only)
+Please report quality, risk, security vulnerabilities or NVIDIA AI Concerns [here](https://app.intigriti.com/programs/nvidia/nvidiavdp/detail).
diff --git a/skills/nemoclaw-user-manage-policy/skill.oms.sig b/skills/nemoclaw-user-manage-policy/skill.oms.sig new file mode 100644 index 0000000000..3c6dcf1cb2 --- /dev/null +++ b/skills/nemoclaw-user-manage-policy/skill.oms.sig @@ -0,0 +1 @@ +{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"x509CertificateChain":{"certificates":[{"rawBytes":"MIICgzCCAgmgAwIBAgIUKIyS7SxNteQIiWzK1dWj85E6520wCgYIKoZIzj0EAwMwVTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjEpMCcGA1UEAwwgTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBJQ0EgMDEwHhcNMjYwNDAxMDAwMDAwWhcNMjgwNDIyMTUzMzA5WjBUMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTlZJRElBIENvcnBvcmF0aW9uMSgwJgYDVQQDDB9OVklESUEgQWdlbnQgU2tpbGxzIFNpZ25pbmcgMDAxMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEYoRM9bQl/dGlwSRNi6bTpIJUXH8Nv9GciP6LSflJYYMLCc296kpyuTSsk5ddbAWiDcFX3C/ydX3jwc+qCLYP6uHy9XphyLjOQ27Yb2J6rBLVtRBS1mgGco/Gr7fL6ODco4GaMIGXMB0GA1UdDgQWBBRQ/5ZW3nJ6lmo9SVk7I15o7UGmpTAfBgNVHSMEGDAWgBRPGpILxMBBleJSsBGjrMKsby1CgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLm5kaXMubnZpZGlhLmNvbTAKBggqhkjOPQQDAwNoADBlAjAUygu/GiOCIXrgGr4SmLgeEVDcEitfFUv7ALbvLVGVyMysB3mxmO/uInZfXzWcJZsCMQDxuoxj4ZmO30jhkPIcCxGFCOvnUsnfU3TfGcouYm4M6iRpbKvtVnHPiy4bi6pcKf0="},{"rawBytes":"MIICiDCCAg6gAwIBAgIUZsIuSv9NkpJCNqtYEfCouVv5BzowCgYIKoZIzj0EAwMwUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTAgFw0yNjA0MDEwMDAwMDBaGA85OTk5MTIzMTIzNTk1OVowVTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjEpMCcGA1UEAwwgTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBJQ0EgMDEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASI72cR3ctKGg4VWnB3bNja6g1Z2PnOmFEopkPof+QeIcPk9rT+g9MjJnq51EQXL93a7C2GJ9J985G4o2V85VD7wJ1RaXhluHW2rf3y8bQGeAYaKMr5s/hUgn+M3/9WlWejgaAwgZ0wHQYDVR0OBBYEFE8akgvEwEGV4lKwEaOswqxvLUKCMB8GA1UdIwQYMBaAFItnoAjjfuCEUvzyvWyI2vOGvwPjMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AubmRpcy5udmlkaWEuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCeIMMfAbyzPDacw2MxG+Yt1cikrJX/DVxiGfXuHmkkXn6VgSzE79+lkqDErpVO2gYCMCNEColOyvUvkzZGUEI1hQ3PfMgi3FIo9tHoBKMw4/wGBLFpu/0ubtmbBXM6/UMOEw=="},{"rawBytes":"MIICRTCCAcygAwIBAgIUeJdY3rV86EdvFmG7L8LJBsyQFYkwCgYIKoZIzj0EAwMwUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTAgFw0yNjA0MDEwMDAwMDBaGA85OTk5MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABAYpiXCDjJ9NT2eSDhyHJVSw1Tbze18cGG2F/578oWvHxg23eQAhNRYdq88i1iOshZSO6C29doKui5Xpmo/7Ctw9Sx4PP2RzOmIuOLCuTdNtKcTRwi4GEsd5BAFvWj42M6NjMGEwHQYDVR0OBBYEFItnoAjjfuCEUvzyvWyI2vOGvwPjMB8GA1UdIwQYMBaAFItnoAjjfuCEUvzyvWyI2vOGvwPjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cAMGQCMCwtAjWLaNwgGWNCgdyNoTyvNhqWRECRJV2r3+7w8g0PL6NHLOsbkgE09BH95h8XlgIwTaQmbbUh2ChAJ5TA1wRiVDnCcvbzHlZl2jM2FcwQQZlk19LOAbyGMRixbu2Ww/rj"}]},"tlogEntries":[]},"dsseEnvelope":{"payload":"ewogICJfdHlwZSI6ICJodHRwczovL2luLXRvdG8uaW8vU3RhdGVtZW50L3YxIiwKICAic3ViamVjdCI6IFsKICAgIHsKICAgICAgIm5hbWUiOiAibmVtb2NsYXctdXNlci1tYW5hZ2UtcG9saWN5IiwKICAgICAgImRpZ2VzdCI6IHsKICAgICAgICAic2hhMjU2IjogIjg0OTcyZmRjNzgxZTEwZTZhMDNiZTdhM2I2ZDZhYjA5YzZjMThlNGJkNzk5YjllYTUyNzhlZGQ5NmUyMmFmMTAiCiAgICAgIH0KICAgIH0KICBdLAogICJwcmVkaWNhdGVUeXBlIjogImh0dHBzOi8vbW9kZWxfc2lnbmluZy9zaWduYXR1cmUvdjEuMCIsCiAgInByZWRpY2F0ZSI6IHsKICAgICJzZXJpYWxpemF0aW9uIjogewogICAgICAibWV0aG9kIjogImZpbGVzIiwKICAgICAgImhhc2hfdHlwZSI6ICJzaGEyNTYiLAogICAgICAiaWdub3JlX3BhdGhzIjogWwogICAgICAgICIuZ2l0aHViIiwKICAgICAgICAiLmdpdCIsCiAgICAgICAgIi5naXRpZ25vcmUiLAogICAgICAgICIuZ2l0YXR0cmlidXRlcyIKICAgICAgXSwKICAgICAgImFsbG93X3N5bWxpbmtzIjogZmFsc2UKICAgIH0sCiAgICAicmVzb3VyY2VzIjogWwogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJkaWdlc3QiOiAiZDI3NDE1NmIxZjk2NGI0NmY1ZDM4ZTk0ZTNjMTYwY2MzMTMyNGJhOTdhNDZjODRlODJjNWUwMDRlOTg5YTYwMCIsCiAgICAgICAgIm5hbWUiOiAiQkVOQ0hNQVJLLm1kIgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJkaWdlc3QiOiAiZjhkODY4ZDU3YTJkMWQzZDNiNzgxZWUwM2I2ZTc1NDRiNjljYzEwNDk2NTIxMTMxNjhjMjY1OWYzYjhlYzE4MyIsCiAgICAgICAgIm5hbWUiOiAiU0tJTEwubWQiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgImRpZ2VzdCI6ICIzOTAzNjg2YmQ0OTIyZTQ3YjA3YWQ1NzNhMDRlNjBhZDNhNzNhNWY1Yjc2Y2MyYTc4MWRjZjQyZWQ3ZThkZmYyIiwKICAgICAgICAibmFtZSI6ICJldmFscy9ldmFscy5qc29uIgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJkaWdlc3QiOiAiNWE1NDM1MWQ4ZDFjYTc4NTMyYjM4NjhkOGVmNDc1ZWM0NWI4NDNmNWNmM2I5OTZhNGFlYzlmODIzYWJmMGNkOCIsCiAgICAgICAgIm5hbWUiOiAicmVmZXJlbmNlcy9hcHByb3ZlLW5ldHdvcmstcmVxdWVzdHMubWQiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgImRpZ2VzdCI6ICI5OGExNjVjZGY1MjI4ZmRiMzBjNzdhZGE1Y2FkYjk0ODc0OThjZTJkYTg3Yjg0NDg5NDA0OTg0ZDgyODk5MWEwIiwKICAgICAgICAibmFtZSI6ICJyZWZlcmVuY2VzL2N1c3RvbWl6ZS1uZXR3b3JrLXBvbGljeS1kZXRhaWxzLm1kIgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJkaWdlc3QiOiAiZDhkNWZlNTgwOGU5ZTc0NzIxYjM1ZmI5YjAyNGZiMGJlNDkyM2E5OTM4N2ZmN2Q4NzZiNzc0NGE4MGFhZDkyMSIsCiAgICAgICAgIm5hbWUiOiAicmVmZXJlbmNlcy9pbnRlZ3JhdGlvbi1wb2xpY3ktZXhhbXBsZXMubWQiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgImRpZ2VzdCI6ICJjMDI3MGZmNTQ1OTlhYjBiNjRmZGUwYTNlOGYxM2NjOTE5MDcwY2I4ZWRhY2RmODM0Yjg3NTYzZTIwZGVmZWI5IiwKICAgICAgICAibmFtZSI6ICJza2lsbC1jYXJkLm1kIgogICAgICB9CiAgICBdCiAgfQp9","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MGQCMG7t06Lz1XS9ezHGXbgQN5K7GrOhDlIQBMr5ajWhb6j/SS6wuLVqqIS44kTIKUGEvAIwLxVl6OkhVix4AniYE0/8f1IQMXGVqY7sTn4lMvCRJ9REWDgMgfE0YmOFR99Ql6Qe","keyid":""}]}} \ No newline at end of file diff --git a/skills/nemoclaw-user-manage-sandboxes/BENCHMARK.md b/skills/nemoclaw-user-manage-sandboxes/BENCHMARK.md new file mode 100644 index 0000000000..c8c0eb2189 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/BENCHMARK.md @@ -0,0 +1,69 @@ +# Evaluation Report + +Evaluation of the `nemoclaw-user-manage-sandboxes` skill before publication through NVSkills-Eval. + +This benchmark summarizes 3-Tier Evaluation from NVSkills-Eval results for the skill. The goal is to document whether the skill is safe, discoverable, effective, and useful for agents before it is published for broader workflow use. + +## Evaluation Summary + +- Skill: `nemoclaw-user-manage-sandboxes` +- Evaluation date: 2026-05-28 +- NVSkills-Eval profile: `external` +- Overall verdict: FAIL +- Tier 3 live agent evaluation: not available in this report + +## Agents Used + +- Tier 3 agent details were not available in this report. + +## Metrics Used + +Reported benchmark dimensions: + +- Security: checks whether skill-assisted execution avoids unsafe behavior such as secret leakage, destructive commands, or unauthorized access. +- Correctness: checks whether the agent follows the expected workflow and produces the correct final output. +- Discoverability: checks whether the agent loads the skill when relevant and avoids using it when irrelevant. +- Effectiveness: checks whether the agent performs measurably better with the skill than without it. +- Efficiency: checks whether the agent uses fewer tokens and avoids redundant work. + +Underlying evaluation signals used in this run: + +- No Tier 3 evaluation signal details were available in this report. + +## Test Tasks + +Tier 3 evaluation task details were not available in this report. + +## Results + +Tier 3 dimension rollup was not available in this report. + +## Tier 1: Static Validation Summary + +Tier 1 validation passed with observations. NVSkills-Eval ran 9 checks and found 14 total findings. + +Top findings: + +- MEDIUM QUALITY/quality_correctness: SKILL_SPEC recommended field missing: 'metadata.author' (`skills/nemoclaw-user-manage-sandboxes/SKILL.md`) +- MEDIUM QUALITY/quality_correctness: SKILL_SPEC recommended field missing: 'metadata.tags' (`skills/nemoclaw-user-manage-sandboxes/SKILL.md`) +- MEDIUM QUALITY/quality_efficiency: Deeply nested references in workspace-files.md (`skills/nemoclaw-user-manage-sandboxes/SKILL.md`) +- MEDIUM SCHEMA/body_recommended_section: Missing recommended section: '## Instructions' (`skills/nemoclaw-user-manage-sandboxes/SKILL.md`) +- MEDIUM SCHEMA/body_recommended_section: Missing recommended section: '## Examples' (`skills/nemoclaw-user-manage-sandboxes/SKILL.md`) + +## Tier 2: Deduplication Summary + +Tier 2 validation reported findings. NVSkills-Eval ran 2 checks and found 1 total findings. + +Top findings: + +- HIGH DUPLICATE/duplicate: Duplicate content found across SKILL.md and references/backup-restore.md and references/lifecycle-details.md and references/messaging-channels.md and references/runtime-controls.md and references/workspace-files.md: + "(preamble)" in SKILL.md (lines 1-3) + vs "(preamble)" in references/backup-restore.md (lines 1-2) + vs "(preamble)" in references/lifecycle-details.md (lines 1-2) + vs "(preamble)" in references/messaging-channels.md (lines 1-2) + vs "(preamble)" in references/runtime-controls.md (lines 1-2) + vs "(preamble)" in references/workspace-files.md (lines 1-2) (`SKILL.md:1`) + +## Publication Recommendation + +The skill should be reviewed before NVSkills-Eval publication. Skill owners should address the findings above and rerun NVSkills-Eval to refresh this benchmark. diff --git a/skills/nemoclaw-user-manage-sandboxes/SKILL.md b/skills/nemoclaw-user-manage-sandboxes/SKILL.md new file mode 100644 index 0000000000..b5618052c5 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/SKILL.md @@ -0,0 +1,266 @@ +--- +name: "nemoclaw-user-manage-sandboxes" +description: "Explains operational tasks after the quickstart: listing sandboxes, status and health checks, logs, diagnostics, port forwards, multiple sandboxes, credential reset, rebuilds, network presets, upgrades, and uninstall. Trigger keywords - manage nemoclaw sandboxes, nemoclaw status, nemoclaw list, nemoclaw dashboard port, nemoclaw rebuild, nemoclaw upgrade sandboxes, nemoclaw uninstall, sandbox mutability, sandbox runtime configuration, sandbox rebuild, nemoclaw backup, nemoclaw restore, workspace backup, openshell sandbox download upload, nemoclaw messaging channels, nemoclaw telegram, nemoclaw discord, nemoclaw slack, nemoclaw wechat, nemoclaw whatsapp, openshell channel messaging, nemoclaw workspace files, soul.md, user.md, identity.md, agents.md, sandbox persistence." +license: "Apache-2.0" +--- + + + + +# Manage Sandbox Lifecycle + +Use this guide after you finish the OpenClaw quickstart (use the `nemoclaw-user-get-started` skill). +It covers day-two sandbox operations such as listing sandboxes, checking health, managing ports, rebuilding safely, upgrading, and uninstalling. +When a workflow uses the lower-level OpenShell CLI, see CLI Selection Guide (use the `nemoclaw-user-reference` skill) for the boundary between `nemoclaw` and `openshell`. + +## List Sandboxes + +List every sandbox registered on this host: + +```console +$ nemoclaw list +``` + +The list shows each sandbox's model, provider, policy presets, active SSH session indicator, and dashboard URL when a dashboard port is recorded. +Use JSON output for scripts: + +```console +$ nemoclaw list --json +``` + +## Check Sandbox Health + +Check a specific sandbox's health, inference route, active connections, live policy, update status, and messaging-channel overlap warnings: + +```console +$ nemoclaw my-assistant status +``` + +Use the host-level status command when you want the sandbox inventory plus host auxiliary service state, such as cloudflared: + +```console +$ nemoclaw status +``` + +## Inspect Logs + +View recent sandbox logs: + +```console +$ nemoclaw my-assistant logs +``` + +Stream logs while you reproduce a problem: + +```console +$ nemoclaw my-assistant logs --follow +``` + +The log command reads both OpenClaw gateway output and OpenShell audit events, so policy denials appear beside gateway logs. + +## Collect Diagnostics + +Collect diagnostics for bug reports or support handoff: + +```console +$ nemoclaw debug --sandbox my-assistant --output nemoclaw-debug.tar.gz +``` + +Use `--quick` for a smaller local summary: + +```console +$ nemoclaw debug --quick --sandbox my-assistant +``` + +The debug command gathers system information, Docker state, gateway logs, and sandbox status. + +## Manage Dashboard Ports + +If the forward stopped, or the installer reported that no active forward was found and the URL does not load, restart it manually with the port from the install summary. + +```console +$ openshell forward start --background my-gpt-claw +``` + +To list active forwards across all sandboxes, run the following command. + +```console +$ openshell forward list +``` + +## Run Multiple Sandboxes + +Each sandbox needs its own dashboard port, since `openshell forward` refuses to bind a port that another sandbox is already using. +When the default port is already held by another sandbox, `nemoclaw onboard` scans ports `18789` through `18799` and uses the next free port. + +```console +$ nemoclaw onboard # first sandbox uses 18789 +$ nemoclaw onboard # second sandbox uses the next free port, such as 18790 +``` + +To choose a specific port, pass `--control-ui-port`: + +```console +$ nemoclaw onboard --control-ui-port 19000 +``` + +You can also set `CHAT_UI_URL` or `NEMOCLAW_DASHBOARD_PORT` before onboarding: + +```console +$ CHAT_UI_URL=http://127.0.0.1:19000 nemoclaw onboard +$ NEMOCLAW_DASHBOARD_PORT=19000 nemoclaw onboard +``` + +For full details on port conflicts and overrides, refer to Port already in use (use the `nemoclaw-user-reference` skill). + +## Reconfigure or Recover + +Recover from a misconfigured sandbox without re-running the full onboard wizard or destroying workspace state. + +### Change Inference Model or API + +Change the active model or provider at runtime without rebuilding the sandbox: + +```console +$ nemoclaw inference set --model --provider +``` + +Refer to Switch Inference Providers (use the `nemoclaw-user-configure-inference` skill) for provider-specific model IDs and API compatibility notes. + +### Restart the Gateway and Port Forward + +If `nemoclaw status` reports the sandbox is alive but the gateway is not running, run the recover command instead of opening a shell. + +```console +$ nemoclaw recover +``` + +The command restarts the in-sandbox gateway and re-establishes the dashboard port-forward in one step. +It is idempotent and safe to script. +Refer to `nemoclaw recover` (use the `nemoclaw-user-reference` skill) for details. + +### Reset a Stored Credential + +If a provider credential was entered incorrectly during onboarding, clear the gateway-registered value and re-enter it on the next onboard run: + +```console +$ nemoclaw credentials list # see which providers are registered +$ nemoclaw credentials reset # clear a single provider, for example nvidia-prod +$ nemoclaw onboard # re-run to re-enter the cleared provider +``` + +The credentials command is documented in full at `nemoclaw credentials reset ` (use the `nemoclaw-user-reference` skill). + +### Rebuild a Sandbox While Preserving Workspace State + +If you changed the underlying Dockerfile, upgraded OpenClaw, or want to pick up a new base image without losing your sandbox's workspace files, use `rebuild` instead of destroying and recreating: + +```console +$ nemoclaw rebuild +``` + +Rebuild preserves the mounted workspace and registered policies while recreating the container. +If NemoClaw cannot archive any requested state path, it reports the backup failure and stops before deleting the original sandbox. +Refer to `nemoclaw rebuild` (use the `nemoclaw-user-reference` skill) for flag details. + +### Add a Network Preset After Onboarding + +Apply an additional preset, such as Telegram or GitHub, to a running sandbox without re-onboarding: + +```console +$ nemoclaw policy-add +``` + +Refer to `nemoclaw policy-add` (use the `nemoclaw-user-reference` skill) for usage details and flags. + +Non-interactive re-onboards in the default `suggested` policy mode preserve presets added this way. +To make a re-onboard authoritative, set `NEMOCLAW_POLICY_MODE=custom` and provide `NEMOCLAW_POLICY_PRESETS` with the exact list to apply; onboarding removes anything else. +See `NEMOCLAW_POLICY_MODE` (use the `nemoclaw-user-reference` skill) for the full table. + +## Update to the Latest Version + +When a new NemoClaw release becomes available, update the `nemoclaw` CLI on your host and check existing sandboxes for stale agent/runtime versions. + +### Update the NemoClaw CLI + +Re-run the installer. +Before it onboards anything, the installer calls `nemoclaw backup-all` (use the `nemoclaw-user-reference` skill) automatically, storing a snapshot of each running sandbox in `~/.nemoclaw/rebuild-backups/` as a safety net. +If your existing gateway is from OpenShell earlier than `0.0.37`, the installer prompts before it runs the new automatic gateway upgrade path. +The automatic path is offered only when the existing `nemoclaw` CLI supports `backup-all`; older installs must preserve sandbox state manually before retiring the gateway. +For unattended installs, set `NEMOCLAW_ACCEPT_EXPERIMENTAL_OPENSHELL_UPGRADE=1`, or manually run `nemoclaw backup-all` and `openshell gateway destroy -g nemoclaw || openshell gateway destroy` before rerunning the installer as `curl -fsSL https://www.nvidia.com/nemoclaw.sh | NEMOCLAW_OPENSHELL_UPGRADE_PREPARED=1 bash`. + +```console +$ curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash +``` + +### Upgrade Sandboxes with Stale Agent and Runtime Versions + +The installer checks registered sandboxes after onboarding succeeds and runs `nemoclaw upgrade-sandboxes --auto` for stale running sandboxes. +Use `upgrade-sandboxes` directly to verify the result, rebuild when you skipped the installer or onboarding step, or handle sandboxes that were stopped or could not be version-checked. +The upgrade flow is non-destructive by default because NemoClaw preserves manifest-defined workspace state, but a manual snapshot before any major upgrade gives you a state restore point. + +```console +$ nemoclaw snapshot create --name pre-upgrade # optional, recommended +$ nemoclaw update --yes # updates CLI through the maintained installer flow +$ nemoclaw upgrade-sandboxes --check # verify or list remaining stale/unknown sandboxes +$ nemoclaw upgrade-sandboxes # manually rebuild remaining stale running sandboxes +``` + +`nemoclaw update` is the CLI wrapper around the same installer path as `curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash`. +Use `nemoclaw update --check` when you only want to inspect version state and see the maintained update command. + +For scripted manual rebuilds, use `nemoclaw upgrade-sandboxes --auto` to skip the confirmation prompt. + +If the upgraded sandbox needs its workspace state reverted, restore the pre-upgrade snapshot into the running sandbox. +This restores saved state directories only; it does not downgrade the sandbox image or agent/runtime: + +```console +$ nemoclaw snapshot restore pre-upgrade +``` + +Load [references/lifecycle-details.md](references/lifecycle-details.md) for detailed steps on What Changes During a Rebuild. + +## Uninstall + +To remove NemoClaw and all resources created during setup, run the CLI's built-in uninstall command: + +```bash +nemoclaw uninstall +``` + +| Flag | Effect | +|--------------------|------------------------------------------------------| +| `--yes` | Skip the confirmation prompt. | +| `--keep-openshell` | Leave OpenShell binaries installed. | +| `--delete-models` | Also remove NemoClaw-pulled Ollama models. | + +`nemoclaw uninstall` runs the version-pinned `uninstall.sh` that shipped with your installed CLI, so it does not fetch anything over the network at uninstall time. + +If the `nemoclaw` CLI is missing or broken, fall back to the hosted script: + +```bash +curl -fsSL https://raw.githubusercontent.com/NVIDIA/NemoClaw/refs/heads/main/uninstall.sh | bash +``` + +The same `--yes`, `--keep-openshell`, and `--delete-models` flags listed above also apply to the hosted script. Pass them after `bash -s --`. + +```bash +curl -fsSL https://raw.githubusercontent.com/NVIDIA/NemoClaw/refs/heads/main/uninstall.sh | bash -s -- --yes --delete-models +``` + +For a full comparison of the two forms, including what they fetch, what they trust, and when to prefer each, see `nemoclaw uninstall` vs. the hosted `uninstall.sh` (use the `nemoclaw-user-reference` skill). + +## References + +- **[references/runtime-controls.md](references/runtime-controls.md)** — Single page that answers what can change at runtime versus what requires a rebuild for NemoClaw sandboxes. +- **Load [references/backup-restore.md](references/backup-restore.md)** when downloading workspace files from a sandbox, uploading restored files into a new sandbox, or preserving sandbox state across rebuilds. Backs up and restores OpenClaw workspace files before destructive operations such as sandbox rebuilds. +- **Load [references/messaging-channels.md](references/messaging-channels.md)** when setting up messaging channels, chat interfaces, or integrations without relying on nemoclaw tunnel start for bridges. Explains how Telegram, Discord, Slack, WeChat, and WhatsApp reach sandboxed OpenClaw and Hermes agents through OpenShell-managed processes and NemoClaw channel commands. +- **Load [references/workspace-files.md](references/workspace-files.md)** when users ask about `SOUL.md`, `USER.md`, `IDENTITY.md`, `AGENTS.md`, or other workspace files, or when preparing to back up or restore workspace state. Explains what workspace personality and configuration files are, where they live, and how they persist across sandbox restarts. +- **Load [references/lifecycle-details.md](references/lifecycle-details.md)** when you need detailed steps for What Changes During a Rebuild. + +## Related Skills + +- [Set Up Messaging Channels](references/messaging-channels.md) to connect Telegram, Discord, or Slack. +- [Workspace Files](references/workspace-files.md) for persistent OpenClaw files inside the sandbox. +- [Backup and Restore](references/backup-restore.md) for snapshot and restore workflows. +- `nemoclaw-user-monitor-sandbox` — Monitor Sandbox Activity (use the `nemoclaw-user-monitor-sandbox` skill) for observability tools diff --git a/skills/nemoclaw-user-manage-sandboxes/evals/evals.json b/skills/nemoclaw-user-manage-sandboxes/evals/evals.json new file mode 100644 index 0000000000..ff6af55509 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/evals/evals.json @@ -0,0 +1,92 @@ +[ + { + "id": "docs-manage-sandboxes-lifecycle-001", + "question": "I'm managing a NemoClaw sandbox. Help me check status, health, logs, ports, providers, upgrades, and uninstall paths so I can operate the sandbox safely after quickstart.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user check status, health, logs, ports, providers, upgrades, and uninstall paths and gives enough concrete guidance, decision criteria, verification steps, or risk framing to operate the sandbox safely after quickstart." + }, + { + "id": "docs-manage-sandboxes-lifecycle-002", + "question": "I'm choosing a lifecycle command. Help me understand which commands inspect, restart, rebuild, or destroy state so I can avoid accidental data loss.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user understand which commands inspect, restart, rebuild, or destroy state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid accidental data loss." + }, + { + "id": "docs-manage-sandboxes-lifecycle-003", + "question": "I'm planning an upgrade, rebuild, or uninstall. Help me know when to preserve workspace files first so I can recover useful agent state after disruptive changes.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user know when to preserve workspace files first and gives enough concrete guidance, decision criteria, verification steps, or risk framing to recover useful agent state after disruptive changes." + }, + { + "id": "docs-manage-sandboxes-runtime-controls-001", + "question": "I'm changing a running sandbox. Help me know which controls can change without rebuild or re-onboarding so I can make safe adjustments with minimal downtime.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user know which controls can change without rebuild or re-onboarding and gives enough concrete guidance, decision criteria, verification steps, or risk framing to make safe adjustments with minimal downtime." + }, + { + "id": "docs-manage-sandboxes-runtime-controls-002", + "question": "I'm reviewing a runtime control. Help me classify it as hot-reloadable, rebuild-only, or onboarding-only so I can choose the correct operational path.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user classify it as hot-reloadable, rebuild-only, or onboarding-only and gives enough concrete guidance, decision criteria, verification steps, or risk framing to choose the correct operational path." + }, + { + "id": "docs-manage-sandboxes-runtime-controls-003", + "question": "I'm responding to an incident or risky agent behavior. Help me use `shields up`, `shields down`, and `shields status` correctly so I can tighten or inspect controls without confusion.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user use `shields up`, `shields down`, and `shields status` correctly and gives enough concrete guidance, decision criteria, verification steps, or risk framing to tighten or inspect controls without confusion." + }, + { + "id": "docs-manage-sandboxes-backup-restore-001", + "question": "I'm backing up workspace files before a destructive operation. Help me preserve agent memory, identity, and useful configuration so I can rebuild or migrate without losing important state.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user preserve agent memory, identity, and useful configuration and gives enough concrete guidance, decision criteria, verification steps, or risk framing to rebuild or migrate without losing important state." + }, + { + "id": "docs-manage-sandboxes-backup-restore-002", + "question": "I'm handling a workspace archive. Help me understand credential stripping and integrity checks so I can trust the archive without exposing secrets.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user understand credential stripping and integrity checks and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the archive without exposing secrets." + }, + { + "id": "docs-manage-sandboxes-backup-restore-003", + "question": "I'm restoring workspace files. Help me verify the agent's useful memory returned so I can continue work without reintroducing sensitive host data.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user verify the agent's useful memory returned and gives enough concrete guidance, decision criteria, verification steps, or risk framing to continue work without reintroducing sensitive host data." + }, + { + "id": "docs-manage-sandboxes-workspace-files-001", + "question": "I'm inspecting workspace files. Help me understand where personality, identity, and configuration live so I can predict how the agent will behave across sessions.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user understand where personality, identity, and configuration live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to predict how the agent will behave across sessions." + }, + { + "id": "docs-manage-sandboxes-workspace-files-002", + "question": "I'm adding durable instructions for the agent. Help me know which files persist and who owns them so I can put guidance in the right place.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user know which files persist and who owns them and gives enough concrete guidance, decision criteria, verification steps, or risk framing to put guidance in the right place." + }, + { + "id": "docs-manage-sandboxes-workspace-files-003", + "question": "I'm restarting, rebuilding, or migrating a sandbox. Help me understand how each action affects workspace state so I can avoid losing or duplicating important files.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user understand how each action affects workspace state and gives enough concrete guidance, decision criteria, verification steps, or risk framing to avoid losing or duplicating important files." + }, + { + "id": "docs-manage-sandboxes-messaging-channels-001", + "question": "I'm connecting a messaging channel. Help me let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel so I can support real-world always-on interactions.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user let users reach the sandboxed agent through Telegram, Discord, Slack, or another channel and gives enough concrete guidance, decision criteria, verification steps, or risk framing to support real-world always-on interactions." + }, + { + "id": "docs-manage-sandboxes-messaging-channels-002", + "question": "I'm configuring channel credentials and processes. Help me understand what OpenShell supervises and where secrets live so I can trust the messaging integration operationally.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user understand what OpenShell supervises and where secrets live and gives enough concrete guidance, decision criteria, verification steps, or risk framing to trust the messaging integration operationally." + }, + { + "id": "docs-manage-sandboxes-messaging-channels-003", + "question": "I'm testing a new messaging channel. Help me send and receive a message through the full path so I can prove the channel, gateway, and sandboxed agent are wired correctly.", + "expected_skill": "nemoclaw-user-manage-sandboxes", + "ground_truth": "A NemoClaw-specific answer that helps the user send and receive a message through the full path and gives enough concrete guidance, decision criteria, verification steps, or risk framing to prove the channel, gateway, and sandboxed agent are wired correctly." + } +] diff --git a/skills/nemoclaw-user-manage-sandboxes/references/backup-restore.md b/skills/nemoclaw-user-manage-sandboxes/references/backup-restore.md new file mode 100644 index 0000000000..70da806410 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/references/backup-restore.md @@ -0,0 +1,166 @@ + + +# Backup and Restore Workspace Files + +Workspace files define your agent's personality, memory, and user context. +They persist across sandbox restarts but are **permanently deleted** when you run `nemoclaw destroy`. + +This guide covers snapshot commands, manual backup with CLI commands, and an automated script. + +## When to Back Up + +- **Before running `nemoclaw destroy`** +- Before major NemoClaw version upgrades +- Periodically, if you've invested time customizing your agent + +## Snapshot Commands + +The fastest way to back up and restore sandbox state is with the built-in snapshot commands. +Snapshots capture all workspace state directories defined in the agent manifest and store them in `~/.nemoclaw/rebuild-backups//`. +Agent manifests may also declare durable top-level state files. For Hermes, +snapshots include `SOUL.md` and the SQLite database behind `.hermes/state.db` +using SQLite's online backup API, then restore that database through SQLite +instead of copying a live raw database file. +Treat snapshot directories as private local data: the Hermes database can +contain session metadata and message history needed for a faithful restore. + +```console +$ nemoclaw my-assistant snapshot create +$ nemoclaw my-assistant snapshot list +$ nemoclaw my-assistant snapshot restore +``` + +`snapshot list` prints a table of version, name, timestamp, and path. Versions (`v1`, `v2`, ..., `vN`) are computed from the timestamp order, so `vN` is always the newest snapshot. + +To tag a snapshot with a human-readable label, pass `--name`: + +```console +$ nemoclaw my-assistant snapshot create --name before-upgrade +``` + +To restore a specific snapshot instead of the latest, pass a version, name, or timestamp prefix: + +```console +$ nemoclaw my-assistant snapshot restore v3 +$ nemoclaw my-assistant snapshot restore before-upgrade +$ nemoclaw my-assistant snapshot restore 2026-04-14T +``` + +To clone a snapshot into a different sandbox name, pass `--to `. +If the destination sandbox already exists, NemoClaw refuses to overwrite it unless you pass `--force`: + +```console +$ nemoclaw my-assistant snapshot restore before-upgrade --to my-assistant-clone +$ nemoclaw my-assistant snapshot restore before-upgrade --to my-assistant-clone --force --yes +``` + +The `nemoclaw rebuild` command uses the same snapshot mechanism automatically. +Snapshot restore performs a targeted repair for legacy `.openclaw-data` symlinks that were created by older images. +Unsafe symlinks and hard links inside sandbox state are rejected during backup creation before they can enter a snapshot. +Credential-bearing Hermes files such as `auth.json` are intentionally excluded +from snapshots. NemoClaw-regenerated Hermes config files (`config.yaml` and +`.env`) are also excluded; model/provider and messaging credentials are +recreated from host-side onboarding and OpenShell provider state during rebuild. +For full details, see the Commands reference (use the `nemoclaw-user-reference` skill). + +## Manual Backup + +Use `openshell sandbox download` to copy files from the sandbox to your host. + +```console +$ SANDBOX=my-assistant +$ BACKUP_DIR=~/.nemoclaw/backups/$(date +%Y%m%d-%H%M%S) +$ mkdir -p "$BACKUP_DIR" + +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/SOUL.md "$BACKUP_DIR/" +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/USER.md "$BACKUP_DIR/" +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/IDENTITY.md "$BACKUP_DIR/" +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/AGENTS.md "$BACKUP_DIR/" +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/MEMORY.md "$BACKUP_DIR/" +$ openshell sandbox download "$SANDBOX" /sandbox/.openclaw/workspace/memory/ "$BACKUP_DIR/memory/" +``` + +## Manual Restore + +Use `openshell sandbox upload` to push files back into a sandbox. + +```console +$ SANDBOX=my-assistant +$ BACKUP_DIR=~/.nemoclaw/backups/20260320-120000 # pick a timestamp + +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/SOUL.md" /sandbox/.openclaw/workspace/ +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/USER.md" /sandbox/.openclaw/workspace/ +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/IDENTITY.md" /sandbox/.openclaw/workspace/ +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/AGENTS.md" /sandbox/.openclaw/workspace/ +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/MEMORY.md" /sandbox/.openclaw/workspace/ +$ openshell sandbox upload "$SANDBOX" "$BACKUP_DIR/memory/" /sandbox/.openclaw/workspace/memory/ +``` + +## Using the Backup Script + +The repository includes a convenience script at `scripts/backup-workspace.sh`. + +### Backup + +```console +$ ./scripts/backup-workspace.sh backup my-assistant +Backing up workspace from sandbox 'my-assistant'... +Backup saved to /home/user/.nemoclaw/backups/20260320-120000/ (6 items) +``` + +### Restore + +Restore from the most recent backup: + +```console +$ ./scripts/backup-workspace.sh restore my-assistant +``` + +Restore from a specific timestamp: + +```console +$ ./scripts/backup-workspace.sh restore my-assistant 20260320-120000 +``` + +## Verifying a Backup + +List backed-up files to confirm completeness: + +```console +$ ls -la ~/.nemoclaw/backups/20260320-120000/ +AGENTS.md +IDENTITY.md +MEMORY.md +SOUL.md +USER.md +memory/ +``` + +## Multi-Agent Deployments + +When OpenClaw is configured with multiple named agents, each agent has its own +workspace directory (`workspace-main/`, `workspace-support/`, `workspace-ops/`, +and so on — see [Multi-Agent Deployments](workspace-files.md#multi-agent-deployments)). + +`nemoclaw snapshot create` automatically discovers every `workspace-*/` +directory under the sandbox state tree and includes it in the snapshot bundle +alongside the default `workspace/`. `snapshot restore` re-applies the full +per-agent set. No manual per-workspace backup pattern is needed. + +The sandbox entrypoint ensures every per-agent workspace lives directly under +the persistent `.openclaw/` tree, so state also survives `openshell sandbox restart`. + +### Shared files across agents + +Files that operators typically want consistent across every per-agent workspace +(`AGENTS.md`, shared skills, common templates) are **not** synced automatically. +Each workspace is independent; changes in one don't propagate. Operators that +need this either copy the shared files explicitly to each workspace after +editing, or maintain a host-side sync layer. Tracking shared-file tooling +(shared mount, `workspaces list` command) in +[#1260](https://github.com/NVIDIA/NemoClaw/issues/1260). + +## Next Steps + +- [Workspace Files overview](workspace-files.md) to learn what each file does +- Commands reference (use the `nemoclaw-user-reference` skill) diff --git a/skills/nemoclaw-user-manage-sandboxes/references/lifecycle-details.md b/skills/nemoclaw-user-manage-sandboxes/references/lifecycle-details.md new file mode 100644 index 0000000000..38d055b82f --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/references/lifecycle-details.md @@ -0,0 +1,26 @@ + + +# Manage Sandbox Lifecycle: Details + +## What Changes During a Rebuild + +Each rebuild destroys the existing container and creates a new one. +NemoClaw protects your data through the same backup-and-restore flow as `nemoclaw rebuild` (use the `nemoclaw-user-reference` skill): + +- NemoClaw preserves manifest-defined workspace state. Before deleting the old container, NemoClaw snapshots the state directories and durable state files defined in the agent manifest, typically `/sandbox/.openclaw/workspace/`; for Hermes this also includes `SOUL.md` and the SQLite database behind `.hermes/state.db`. Stored credentials (`~/.nemoclaw/credentials.json`) and registered policy presets live on the host and are re-applied to the new sandbox automatically. +- NemoClaw does not preserve runtime changes outside the workspace state directories. This includes packages installed inside the running container with `apt` or `pip`, files in non-workspace paths, and in-memory or process state. If you have customized the running container at runtime, capture that as `Dockerfile` changes for `nemoclaw onboard --from` or a manual `openshell sandbox download` before the rebuild starts. + +Aborts before the destroy step are non-destructive. +The flow refuses to proceed past preflight if a credential is missing or past backup if required manifest-defined state cannot be copied, so a failed run leaves the original sandbox intact and ready to retry. +When a backup command reports partial archive output, NemoClaw keeps the usable entries and reports only the manifest-defined paths that could not be archived. + +See [Backup and Restore](backup-restore.md) for the full list of state-preservation guarantees, snapshot retention, and instructions for manual backups when the auto-flow is not enough. + +**If the rebuild aborts with `Missing credential: `:** + +The rebuild preflight reads the provider credential recorded by your last `nemoclaw onboard` session. +If you have switched providers since onboarding, for example from a remote API to a local Ollama setup, the preflight may still reference the old key and fail before any destroy step runs. + +To recover, re-run `nemoclaw onboard` and select your current provider. +This refreshes the session metadata. +Your existing container keeps serving traffic until the new image is ready. diff --git a/skills/nemoclaw-user-manage-sandboxes/references/messaging-channels.md b/skills/nemoclaw-user-manage-sandboxes/references/messaging-channels.md new file mode 100644 index 0000000000..38114460ad --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/references/messaging-channels.md @@ -0,0 +1,281 @@ + + +# Messaging Channels + +Telegram, Discord, Slack, WeChat, and WhatsApp reach your OpenClaw or Hermes agent through OpenShell-managed processes and gateway constructs. +For token-based channels, NemoClaw registers credentials with OpenShell providers. +WeChat captures a token through a host-side QR scan during onboarding. +WhatsApp pairs inside the sandbox via QR scan and intentionally stores mutable session state there. +NemoClaw bakes the selected channel configuration into the sandbox image and keeps runtime delivery under OpenShell control. + +**Experimental Channels:** + +WeChat and WhatsApp are experimental. +Both rely on QR-based pairing flows that are more fragile than token-based bots, and the upstream client libraries can change behavior without notice. +Interfaces, defaults, and supported features may change, and these channels are not recommended for production use. + +You can enable channels during `nemoclaw onboard` or add them later with host-side `nemoclaw channels` commands. +Do not run agent-specific channel mutation commands such as `openclaw channels add` or `openclaw channels remove` inside the sandbox because NemoClaw generates `/sandbox/.openclaw/openclaw.json` for OpenClaw and `/sandbox/.hermes/.env` for Hermes at image build time, and changes inside the running container do not persist across rebuilds. + +`nemoclaw tunnel start` does not start Telegram, Discord, Slack, or other chat bridges. +It only starts optional host services such as the cloudflared tunnel when that binary is present. (`nemoclaw start` is kept as a deprecated alias.) +For details, refer to Commands (use the `nemoclaw-user-reference` skill). + +## Prerequisites + +- A machine where you can run `nemoclaw onboard` (local or remote host that runs the gateway and sandbox). +- A token for each token-based messaging platform you want to enable, a personal WeChat account on your phone for the host-side QR scan during onboarding, or a phone you can use to scan the QR code for WhatsApp pairing. +- A network policy preset for each enabled channel, or equivalent custom egress rules. + +## Channel Requirements + +| Channel | Required tokens | Optional settings | +|---------|-----------------|-------------------| +| Telegram | `TELEGRAM_BOT_TOKEN` | `TELEGRAM_ALLOWED_IDS` for DM allowlisting, `TELEGRAM_REQUIRE_MENTION` for group-chat replies | +| Discord | `DISCORD_BOT_TOKEN` | `DISCORD_SERVER_ID`, `DISCORD_USER_ID`, `DISCORD_REQUIRE_MENTION` | +| Slack | `SLACK_BOT_TOKEN`, `SLACK_APP_TOKEN` | `SLACK_ALLOWED_USERS` for DM and channel `@mention` user allowlisting, `SLACK_ALLOWED_CHANNELS` for channel ID allowlisting | +| WeChat (experimental) | None. Captured via host-side QR scan during `nemoclaw onboard` | `WECHAT_ALLOWED_IDS` for DM allowlisting | +| WhatsApp (experimental) | None. Pair via QR after rebuild | None | + +Telegram uses a bot token from [BotFather](https://t.me/BotFather). +Open Telegram, send `/newbot` to [@BotFather](https://t.me/BotFather), follow the prompts, and copy the token. +For Telegram group chats, disable privacy mode before testing group replies: in @BotFather, run `/setprivacy`, choose the bot, then choose **Disable**. +After changing privacy mode, remove the bot from each Telegram group and add it back so Telegram applies the new delivery setting to that group. +`TELEGRAM_ALLOWED_IDS` is a comma-separated list of Telegram user IDs for DM access. +Group chats stay open by default so rebuilt sandboxes do not silently drop Telegram group messages because of an empty group allowlist. +Set `TELEGRAM_REQUIRE_MENTION=1` to make the bot reply in Telegram groups only when users mention it. +Pairing and `TELEGRAM_ALLOWED_IDS` still govern direct messages. + +Discord uses a bot token from the Discord Developer Portal. +For server channels, enable Developer Mode in Discord, right-click the server, and copy the Server ID into `DISCORD_SERVER_ID`. +By default, NemoClaw configures the bot to reply only when mentioned. +Set `DISCORD_REQUIRE_MENTION=0` if you want it to reply to all messages in the configured server. +Set `DISCORD_USER_ID` to restrict access to one user; otherwise, any member of the configured server can message the bot. + +Slack uses Socket Mode and requires two tokens. +Use `SLACK_BOT_TOKEN` for the bot user OAuth token (`xoxb-...`) and `SLACK_APP_TOKEN` for the app-level Socket Mode token (`xapp-...`). +Set `SLACK_ALLOWED_USERS` to comma-separated Slack member IDs to authorize those users for DMs and for channel `@mention` events in channels where the Slack app is present. +Set `SLACK_ALLOWED_CHANNELS` to comma-separated Slack channel IDs to restrict channel `@mention` handling to those channels. +When both Slack allowlists are set, NemoClaw requires the mention to come from one of the allowed channels and one of the allowed members. +Channel messages still require an explicit bot mention. + +WeChat (experimental) delivers messages over Tencent's iLink gateway via the upstream `@tencent-weixin/openclaw-weixin` plugin baked into the sandbox base image and the built-in Hermes iLink WeChat adapter. +The supported mode in this release is **personal WeChat** (`bot_type=3`). +WeChat Official Account and WeCom/Enterprise WeChat are not wired up. + +Because the bot token only exists after a successful iLink QR handshake, NemoClaw runs the QR login on the host during `nemoclaw onboard`. +You scan the QR with WeChat on your phone (Discover → Scan), confirm the login, and NemoClaw captures the token, `accountId`, `baseUrl`, and `userId` from the iLink response. +NemoClaw registers the token as the `-wechat-bridge` OpenShell provider and substitutes the `openshell:resolve:env:WECHAT_BOT_TOKEN` placeholder for it inside the sandbox, so the token never lands in the image or on disk inside the running container. +The non-secret per-account metadata (`WECHAT_ACCOUNT_ID`, `WECHAT_BASE_URL`, `WECHAT_USER_ID`) is baked into the sandbox image so the in-sandbox bridge can pre-seed the per-account context tokens without re-running the QR handshake. + +WeChat is DM-only (`allowIdsMode: "dm"`). +NemoClaw adds the operator who scanned the QR to `WECHAT_ALLOWED_IDS` automatically, and you can append more comma-separated WeChat user IDs through the same env var. +You can silence the host-side `[wechat]` diagnostic lines (poll status, IDC redirects, swallowed gateway errors) by exporting `NEMOCLAW_WECHAT_QUIET=1` once the flow is stable in your environment. + +Tencent's iLink gateway is a third-party service. +Review your organization's terms-of-service, compliance, and data-residency constraints before enabling WeChat. + +WhatsApp (experimental) Web does not use a host-side token or OpenShell credential provider. +NemoClaw advertises WhatsApp for both OpenClaw and Hermes sandboxes, and each agent completes pairing with its own in-sandbox command. +Pairing happens inside the sandbox after the rebuild completes and creates mutable session credentials there. +Run `openshell term` and then use the agent-specific pairing command to render the QR code in the terminal: + +```console +$ openclaw channels login --channel whatsapp # OpenClaw sandboxes +$ hermes whatsapp # Hermes sandboxes +``` + +Session credentials are generated and stored inside durable agent state (`whatsapp` for OpenClaw, `platforms/whatsapp` for Hermes), so they survive rebuilds without re-pairing. +This is the runtime tradeoff of enabling WhatsApp without a host bridge: a paired sandbox can use that WhatsApp account until you unpair it or clear the durable state. +NemoClaw cannot detect cross-sandbox WhatsApp conflicts the way it does for token-based channels. +Pair only one sandbox per WhatsApp account at a time. + +## Enable Channels During Onboarding + +When the wizard reaches **Messaging channels**, it lists Telegram, Discord, Slack, WeChat, and WhatsApp. +Press a channel number to toggle it on or off, then press **Enter** when done. +If a token-based channel token is not already in the environment or credential store, the wizard prompts for it and saves it. + +If you enable WeChat (experimental), the wizard does not prompt for a paste token. +Instead, it renders a QR code in your terminal, polls Tencent's iLink gateway, and captures the bot token after you scan the QR with WeChat on your phone. +The login has an eight-minute deadline, refreshes the QR up to three times on expiry, and follows iLink's IDC redirects automatically. +Keep the terminal in the foreground until you see `✓ WeChat login confirmed`. + +WhatsApp (experimental) uses QR pairing instead of a host-side token, so the wizard does not prompt. +It prints pairing instructions and you complete the pairing inside the sandbox after rebuild. +NemoClaw also selects the matching network policy preset during policy setup so the channel can reach its provider API. + +For scripted setup, export the credentials and optional settings for the channels you want to enable before you run onboarding: + +```console +$ export TELEGRAM_BOT_TOKEN= +$ export TELEGRAM_REQUIRE_MENTION=1 +$ export DISCORD_BOT_TOKEN= +$ export DISCORD_SERVER_ID= +$ export SLACK_BOT_TOKEN= +$ export SLACK_APP_TOKEN= +$ export SLACK_ALLOWED_USERS= +$ export SLACK_ALLOWED_CHANNELS= +``` + +This release does not support non-interactive WeChat configuration because the iLink QR handshake requires a human to scan the QR on a paired phone. +Run `nemoclaw onboard` interactively when you want to enable WeChat. + +Then run onboarding: + +```console +$ nemoclaw onboard +``` + +Complete the rest of the wizard so the blueprint can create OpenShell providers where needed (for example `-telegram-bridge` or `-wechat-bridge`), bake channel configuration into the image (`NEMOCLAW_MESSAGING_CHANNELS_B64`), and start the sandbox. + +## Add Channels After Onboarding + +Run channel commands from the host, not from inside the sandbox. +Use `channels list` to see the supported channel names: + +```console +$ nemoclaw my-assistant channels list +``` + +Add the channel you want: + +```console +$ nemoclaw my-assistant channels add telegram +$ nemoclaw my-assistant channels add discord +$ nemoclaw my-assistant channels add slack +$ nemoclaw my-assistant channels add wechat +$ nemoclaw my-assistant channels add whatsapp +``` + +`channels add` collects whatever each channel needs. +It prompts for Telegram, Discord, and Slack tokens, runs an interactive host-side QR scan for WeChat, and collects nothing for WhatsApp because pairing happens in-sandbox after rebuild. +It registers bridge providers with the OpenShell gateway when tokens were captured, records the channel in the sandbox registry, and asks whether to rebuild immediately. +The command accepts mixed-case input such as `Telegram`, then stores and prints the canonical lowercase channel name. +If a matching built-in network policy preset exists, `channels add` applies it to the sandbox automatically before the rebuild so the bridge has egress to its upstream API. +If applying the preset fails, NemoClaw warns and tells you to re-apply manually with `nemoclaw policy-add ` after the rebuild. +Choose the rebuild so the running sandbox image picks up the new channel. +If you need optional channel settings such as `TELEGRAM_ALLOWED_IDS`, `TELEGRAM_REQUIRE_MENTION`, `DISCORD_SERVER_ID`, `DISCORD_USER_ID`, `DISCORD_REQUIRE_MENTION`, `SLACK_ALLOWED_USERS`, or `SLACK_ALLOWED_CHANNELS`, export them before the rebuild starts. +If you defer the rebuild, apply the change later: + +```console +$ nemoclaw my-assistant rebuild +``` + +In non-interactive mode, set the required environment variables before running `channels add`. +Missing credentials fail fast, and the command queues the change for a manual rebuild: + +```console +$ NEMOCLAW_NON_INTERACTIVE=1 TELEGRAM_BOT_TOKEN= \ + nemoclaw my-assistant channels add telegram +$ nemoclaw my-assistant rebuild +``` + +For Discord server access after onboarding, include the server settings when you add the channel and rebuild: + +```console +$ DISCORD_BOT_TOKEN= \ + DISCORD_SERVER_ID= \ + DISCORD_REQUIRE_MENTION=1 \ + nemoclaw my-assistant channels add discord +``` + +### `channels add wechat` + +`channels add wechat` (experimental) follows the same shape as the other channels with two differences driven by the iLink QR handshake. + +First, the command does not prompt for a paste token. +Instead, it renders a QR code in your terminal, polls Tencent's iLink gateway, and captures both the bot token and the per-account metadata (`accountId`, `baseUrl`, `userId`) once you scan the QR with WeChat on your phone (Discover → Scan). +The login has an eight-minute deadline and refreshes the QR up to three times on expiry. +Keep the terminal in the foreground until you see `✓ WeChat login confirmed`. + +Second, the command requires an interactive terminal. +Non-interactive mode (`NEMOCLAW_NON_INTERACTIVE=1`) fails fast with a clear error because the QR handshake needs a paired phone. + +```console +$ nemoclaw my-assistant channels add wechat +``` + +If `WECHAT_BOT_TOKEN` is already cached for this sandbox (the operator onboarded with WeChat earlier), `channels add wechat` reuses the cached token and skips the QR scan to keep the upstream plugin's existing iLink session intact. +Re-running QR would invalidate that session. +Use `channels remove wechat` first if you intend to acquire a fresh account. + +## Rotate or Remove Credentials + +Running `channels add` for a channel that is already configured overwrites the stored tokens and registers the updated bridge provider. +For WeChat the cached-token short-circuit applies. +See [`channels add wechat`](#channels-add-wechat) for how to acquire a fresh account. +Rebuild the sandbox after the update so the image reflects the current channel set. + +To remove a channel and clear its stored credentials, run: + +```console +$ nemoclaw my-assistant channels remove telegram +$ nemoclaw my-assistant channels remove wechat +``` + +`channels remove wechat` clears the bot token, deletes the `-wechat-bridge` OpenShell provider, and drops `wechat` from the sandbox's enabled-channel set. +The next rebuild produces an image without the WeChat channel block in `openclaw.json` and without the per-account state files under `/sandbox/.openclaw/openclaw-weixin/`. + +For in-sandbox QR-paired channels (today: WhatsApp), `channels remove` destructively clears the in-sandbox session directory before the rebuild so the next rebuild does not restore stale auth files and reconnect the channel. +The cleanup targets `/sandbox/.openclaw//` for OpenClaw and `/sandbox/.hermes/platforms//` for Hermes. +The cleanup tries `openshell sandbox exec` and falls back to SSH if that does not produce the success sentinel. +If neither transport can reach a running sandbox for a QR-paired channel, the command exits non-zero and asks you to start the sandbox and re-run. +NemoClaw deliberately leaves the registry, policy preset, and `session.policyPresets` unchanged on that failure path, so a follow-up re-run completes the removal cleanly. + +`channels remove whatsapp` clears the client-side Baileys session inside the sandbox; it cannot deregister the linked device with WhatsApp's servers because that requires an active Baileys connection to issue the logout RPC, which we no longer have once the session files are gone. +The phone account will continue to list the sandbox as a Linked Device until you remove it manually from your phone (Settings → Linked Devices → tap the entry → Log out) or until WhatsApp's 14-day inactivity timeout expires. +Removing the entry from the phone is recommended if you plan to re-pair the same phone with a different sandbox. + +Use `channels stop` when you want to pause a bridge without deleting credentials: + +```console +$ nemoclaw my-assistant channels stop telegram +$ nemoclaw my-assistant channels start telegram + +$ nemoclaw my-assistant channels stop wechat +$ nemoclaw my-assistant channels start wechat +``` + +For WeChat specifically, `channels stop wechat` followed by a rebuild keeps the per-account state files under `/sandbox/.openclaw/openclaw-weixin/accounts/` intact even though the bridge is no longer wired up in `openclaw.json`. +A subsequent `channels start wechat` plus rebuild revives the bridge against the same iLink account without a fresh QR scan. +The bot token is held by the OpenShell provider across the stop/start cycle. + +Telegram, Discord, Slack, and WeChat each allow only one active consumer per channel credential. +Multiple sandboxes can use the same channel type at the same time when each sandbox uses a distinct bot/app token (or a distinct WeChat iLink bot account). +For example, two Telegram sandboxes can DM the same `TELEGRAM_ALLOWED_IDS` account as long as they use different `TELEGRAM_BOT_TOKEN` values. +For WeChat, each sandbox must own a distinct iLink `accountId` (bot identity). +Running two sandboxes against the same WeChat account causes one of them to lose messages. +If you enable a messaging channel and another sandbox already uses the same token, onboarding prompts you to confirm before continuing in interactive mode and exits non-zero in non-interactive mode. +If NemoClaw only has legacy channel metadata and cannot compare credential hashes, it keeps the conservative warning. +Re-run `channels add ` with the intended token to refresh the stored non-secret hash. +`nemoclaw status` reports cross-sandbox overlaps so you can resolve duplicates before messages start dropping. + +## Stop Messaging Delivery + +Use `channels stop` when you want to pause one bridge and keep the sandbox running. +Use `nemoclaw tunnel stop` or its deprecated alias `nemoclaw stop` when you want to stop host auxiliary services and also ask NemoClaw to stop the OpenClaw gateway inside the selected sandbox. +Stopping the in-sandbox gateway stops Telegram, Discord, Slack, WeChat, and WhatsApp polling for that sandbox until you restart the sandbox or gateway. + +## Confirm Delivery + +After the sandbox is running, send a message to the configured bot or app. +If delivery fails, use `openshell term` on the host, check gateway logs, and verify network policy allows the channel API. +Use the matching policy preset (`telegram`, `discord`, `slack`, `wechat`, or `whatsapp`) or review Common Integration Policy Examples (use the `nemoclaw-user-manage-policy` skill). + +## Tunnel Command + +When the host has `cloudflared`, `nemoclaw tunnel start` starts a cloudflared tunnel that can expose the dashboard with a public URL. +Set `CLOUDFLARE_TUNNEL_TOKEN` before running the command when you want to use a Cloudflare named tunnel instead of a generated quick-tunnel URL. +`nemoclaw tunnel stop` stops the tunnel and asks NemoClaw to stop the in-sandbox gateway for the selected or default sandbox. +The older `nemoclaw start` still works as a deprecated alias. + +```console +$ nemoclaw tunnel start +``` + +## Related Topics + +- Deploy NemoClaw to a Remote GPU Instance (use the `nemoclaw-user-deploy-remote` skill) for remote deployment with messaging. +- Architecture (use the `nemoclaw-user-reference` skill) for how providers, the gateway, and the sandbox fit together. +- Commands (use the `nemoclaw-user-reference` skill) for `channels add`, `channels remove`, `channels start`, `channels stop`, `tunnel start`, `tunnel stop`, and `status`. diff --git a/skills/nemoclaw-user-manage-sandboxes/references/runtime-controls.md b/skills/nemoclaw-user-manage-sandboxes/references/runtime-controls.md new file mode 100644 index 0000000000..9450277507 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/references/runtime-controls.md @@ -0,0 +1,41 @@ + + +# Runtime Controls and Sandbox Mutability + +This page explains which parts of a running NemoClaw sandbox can change immediately and which changes require a rebuild or re-onboard. + +## What you can change at runtime + +NemoClaw applies its security posture in three layers — what is baked into the sandbox image at onboard, what is hot-reloadable on the running sandbox, and what requires a rebuild or re-onboard. +The table below maps each commonly changed item to the layer that owns it and the command that changes it. + +| Item | When the change takes effect | How to change it | +|---|---|---| +| Inference provider (cloud, NVIDIA Endpoints, local Ollama / vLLM, compatible-endpoint, …) | Rebuild required (`openclaw.json` is locked at sandbox creation) | `nemoclaw rebuild` after picking a different provider via `nemoclaw inference set` | +| Inference model on the current provider | Rebuild required for OpenClaw; hot-reloadable for managed routers | `nemoclaw rebuild` (OpenClaw) or `nemoclaw inference set` (router-based) | +| Sub-agent (Hermes / OpenClaw / …) | Re-onboard required (the sub-agent and its workspace are baked at onboard) | `nemoclaw onboard --recreate-sandbox` | +| Network policy preset (slack, discord, telegram, brave, …) | Runtime — applies on the next request; rebuild only required if the preset adds bind-mounted secrets | `nemoclaw policy-add ` / `policy-remove ` | +| Network allow-list (custom hosts) | Runtime — picks up at next request | `openshell policy set` or interactive approval prompt at the gateway | +| Channel tokens (Slack / Discord / Telegram bot credentials) | Rebuild required (tokens are baked into the sandbox image at onboard so they never leave the host clear-text) | `nemoclaw channels add ` then accept the rebuild prompt | +| Channel enable/disable (turn a configured channel off without removing the token) | Rebuild required (`openclaw.json` is the source of truth at runtime, see #3453) | `nemoclaw channels stop ` then rebuild | +| Dashboard forward port | Runtime — port is re-resolved on next `connect` | `NEMOCLAW_DASHBOARD_PORT= nemoclaw connect` | +| Dashboard bind address (loopback vs all interfaces) | Runtime — applies on next `connect` | `NEMOCLAW_DASHBOARD_BIND=0.0.0.0 nemoclaw connect` (see #3259) | +| Web search backend (Brave, Tavily, etc.) | Runtime via `web.backend` config flag; rebuild only if `web.fetchEnabled` flips | `nemoclaw config set --key web.backend --value tavily` | +| Filesystem layout (Landlock zones, read-only mounts, container caps) | **Locked at creation** — no runtime change | Re-onboard with `nemoclaw onboard --recreate-sandbox` | +| Sandbox name | **Locked at creation** | Re-onboard with a different `--name` | +| GPU passthrough enable / device selector | **Locked at creation** | Re-onboard with `--gpu` / `--sandbox-gpu-device` | +| Agents allow-list (`agents.list` in `openclaw.json`) | Runtime — hot-reloaded by OpenClaw on config change | Prefer agent or NemoClaw commands that keep host and sandbox state aligned | +| `openclaw.json` keys (general — model, agents.list, web.backend, channel config, etc.) | Mixed. Individual keys still follow the rebuild rules in the rows above, such as provider switch requiring rebuild even after editing the JSON. | Prefer NemoClaw host commands so the host registry and rebuilt image stay aligned | + +If a row above conflicts with what you observe, the runtime source of truth inside the sandbox is `/opt/nemoclaw/openclaw.json`; the host registry caches metadata but the image and OpenClaw read from the in-sandbox file. + +## See also + +The mutability table above is a consolidated index of information that lives in more detail on per-topic pages: + +- [Manage Sandbox Lifecycle](../SKILL.md) — full rebuild / re-onboard / upgrade workflow. +- Switch Inference Providers (use the `nemoclaw-user-configure-inference` skill) — the rebuild path for provider and model changes. +- Customize Network Policy (use the `nemoclaw-user-manage-policy` skill) and Approve Network Requests (use the `nemoclaw-user-manage-policy` skill) — runtime policy editing and operator approval flow. +- Security Best Practices (use the `nemoclaw-user-configure-security` skill) — the per-attack-surface posture table that this page complements. +- OpenClaw Security Controls (use the `nemoclaw-user-configure-security` skill) — application-layer controls that operate independently of NemoClaw. +- CLI Commands Reference (use the `nemoclaw-user-reference` skill) — full flag surface for every `nemoclaw` command, including the env vars that affect runtime behavior. diff --git a/skills/nemoclaw-user-manage-sandboxes/references/workspace-files.md b/skills/nemoclaw-user-manage-sandboxes/references/workspace-files.md new file mode 100644 index 0000000000..b8b0731df8 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/references/workspace-files.md @@ -0,0 +1,105 @@ + + +# Workspace Files + +OpenClaw stores its personality, user context, and behavioral configuration in a set of Markdown files inside the sandbox. +These files live at `/sandbox/.openclaw/workspace/` and are collectively called **workspace files**. + +## File Reference + +| File | Purpose | +|---|---| +| `SOUL.md` | Defines the agent's persona, tone, and communication style. | +| `USER.md` | Stores information about the human the agent assists. | +| `IDENTITY.md` | Short identity card — name, language, emoji, creature type. | +| `AGENTS.md` | Behavioral rules, memory conventions, safety guidelines, and session workflow. | +| `MEMORY.md` | Curated long-term memory distilled from daily notes. | +| `memory/` | Directory of daily note files (`YYYY-MM-DD.md`) for session continuity. | + +## Where They Live + +All workspace files reside inside the sandbox filesystem: + +```text +/sandbox/.openclaw/workspace/ +├── AGENTS.md +├── IDENTITY.md +├── MEMORY.md +├── SOUL.md +├── USER.md +└── memory/ + ├── 2026-03-18.md + └── 2026-03-19.md +``` + +## Multi-Agent Deployments + +A single NemoClaw sandbox can host more than one OpenClaw agent. +When OpenClaw is configured with multiple named agents (e.g., a shared `main` agent +plus per-user agents for a Teams-integrated deployment), each agent gets its own +workspace directory alongside the default `workspace/`: + +```text +/sandbox/.openclaw/ +├── workspace/ # default agent (single-agent deployments) +├── workspace-main/ # named agent "main" +├── workspace-support/ # named agent "support" +└── workspace-ops/ # named agent "ops" +``` + +Each per-agent workspace contains the same Markdown file structure as the default +(`SOUL.md`, `USER.md`, `IDENTITY.md`, `AGENTS.md`, `MEMORY.md`, `memory/`). +Files are per-agent — changes in `workspace-main/AGENTS.md` are not visible to +`workspace-support/`. + +Persistence and snapshots are handled automatically for per-agent workspaces: +the sandbox entrypoint provisions each `workspace-/` directly under the +writable `.openclaw/` tree so state survives sandbox restart, and +`nemoclaw snapshot create` discovers every `workspace-/` directory +and includes it in the snapshot bundle alongside the default `workspace/`. + +**Note:** + +Files that operators typically want consistent across every agent workspace +(`AGENTS.md`, shared skills, common templates) are not synced automatically. +Each workspace is independent; changes in one don't propagate. Tracking +shared-file tooling (shared mount, `workspaces list` command) in +[#1260](https://github.com/NVIDIA/NemoClaw/issues/1260). + +## Persistence Behavior + +Workspace files live in the sandbox's persistent state volume, not in the container image. +This means they survive normal container restarts, but they are deleted when you destroy the sandbox. + +### Preserved During Restart, Rebuild, and Upgrade + +Sandbox restarts preserve workspace files because the persistent state volume outlives individual container restarts. + +The `nemoclaw rebuild` command and the sandbox upgrade flow also preserve workspace state. +Before replacing the container, NemoClaw snapshots the workspace state directories and restores them into the rebuilt sandbox. +If NemoClaw cannot archive any requested state file or directory, it reports the backup failure and stops before replacing the sandbox. +It does not continue with a partial backup. + +### Deleted During Sandbox Destroy + +Running `nemoclaw destroy` deletes the sandbox and its persistent state volume. +Workspace files are removed from the sandbox unless you created a snapshot or backup first. + +**Warning:** + +Back up your workspace files before running `nemoclaw destroy`. +See [Backup and Restore](backup-restore.md) for instructions. + +## Editing Workspace Files + +The agent reads these files at the start of every session. +You can edit them in two ways: + +1. Ask your agent to update its persona, memory, or user context. +2. Use `nemoclaw connect` to open a terminal inside the sandbox and edit files directly, or use `openshell sandbox upload` to push edited files from your host. + +## Next Steps + +- Set Up Task-Specific Sub-Agents (use the `nemoclaw-user-configure-inference` skill) +- [Backup and Restore workspace files](backup-restore.md) +- Commands reference (use the `nemoclaw-user-reference` skill) diff --git a/skills/nemoclaw-user-manage-sandboxes/skill-card.md b/skills/nemoclaw-user-manage-sandboxes/skill-card.md new file mode 100644 index 0000000000..368cbef04c --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/skill-card.md @@ -0,0 +1,52 @@ +## Description:
+Explains operational tasks after the quickstart: listing sandboxes, status and health checks, logs, diagnostics, port forwards, multiple sandboxes, credential reset, rebuilds, network presets, upgrades, and uninstall.
+ +This skill is ready for commercial/non-commercial use.
+ +## Owner +NVIDIA
+ +### License/Terms of Use:
+Apache 2.0
+## Use Case:
+End users and developers who need to manage NemoClaw sandbox lifecycle operations after initial setup, including health monitoring, diagnostics, credential management, rebuilds, upgrades, and uninstallation.
+ +### Deployment Geography for Use:
+Global
+ +## Known Risks and Mitigations:
+Risk: Review before execution as proposals could introduce incorrect or misleading guidance into skills.
+Mitigation: Review and scan skill before deployment.
+ +## Reference(s):
+- [Runtime Controls](references/runtime-controls.md)
+- [Backup and Restore](references/backup-restore.md)
+- [Messaging Channels](references/messaging-channels.md)
+- [Workspace Files](references/workspace-files.md)
+- [Lifecycle Details](references/lifecycle-details.md)
+ + +## Skill Output:
+**Output Type(s):** [Shell commands, Configuration instructions]
+**Output Format:** [Markdown with inline bash code blocks]
+**Output Parameters:** [1D]
+**Other Properties Related to Output:** [None]
+ +## Evaluation Metrics Used:
+Reported benchmark dimensions:
+- Security: Checks whether skill-assisted execution avoids unsafe behavior such as secret leakage, destructive commands, or unauthorized access.
+- Correctness: Checks whether the agent follows the expected workflow and produces the correct final output.
+- Discoverability: Checks whether the agent loads the skill when relevant and avoids using it when irrelevant.
+- Effectiveness: Checks whether the agent performs measurably better with the skill than without it.
+- Efficiency: Checks whether the agent uses fewer tokens and avoids redundant work.
+ + + +## Skill Version(s):
+0.1.0 (source: package.json)
+ +## Ethical Considerations:
+NVIDIA believes Trustworthy AI is a shared responsibility and we have established policies and practices to enable development for a wide array of AI applications. When downloaded or used in accordance with our terms of service, developers should work with their internal team to ensure this skill meets requirements for the relevant industry and use case and addresses unforeseen product misuse.
+ +(For Release on NVIDIA Platforms Only)
+Please report quality, risk, security vulnerabilities or NVIDIA AI Concerns [here](https://app.intigriti.com/programs/nvidia/nvidiavdp/detail).
diff --git a/skills/nemoclaw-user-manage-sandboxes/skill.oms.sig b/skills/nemoclaw-user-manage-sandboxes/skill.oms.sig new file mode 100644 index 0000000000..2eaf7b3c50 --- /dev/null +++ b/skills/nemoclaw-user-manage-sandboxes/skill.oms.sig @@ -0,0 +1 @@ +{"mediaType":"application/vnd.dev.sigstore.bundle.v0.3+json","verificationMaterial":{"x509CertificateChain":{"certificates":[{"rawBytes":"MIICgzCCAgmgAwIBAgIUKIyS7SxNteQIiWzK1dWj85E6520wCgYIKoZIzj0EAwMwVTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjEpMCcGA1UEAwwgTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBJQ0EgMDEwHhcNMjYwNDAxMDAwMDAwWhcNMjgwNDIyMTUzMzA5WjBUMQswCQYDVQQGEwJVUzEbMBkGA1UECgwSTlZJRElBIENvcnBvcmF0aW9uMSgwJgYDVQQDDB9OVklESUEgQWdlbnQgU2tpbGxzIFNpZ25pbmcgMDAxMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEYoRM9bQl/dGlwSRNi6bTpIJUXH8Nv9GciP6LSflJYYMLCc296kpyuTSsk5ddbAWiDcFX3C/ydX3jwc+qCLYP6uHy9XphyLjOQ27Yb2J6rBLVtRBS1mgGco/Gr7fL6ODco4GaMIGXMB0GA1UdDgQWBBRQ/5ZW3nJ6lmo9SVk7I15o7UGmpTAfBgNVHSMEGDAWgBRPGpILxMBBleJSsBGjrMKsby1CgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLm5kaXMubnZpZGlhLmNvbTAKBggqhkjOPQQDAwNoADBlAjAUygu/GiOCIXrgGr4SmLgeEVDcEitfFUv7ALbvLVGVyMysB3mxmO/uInZfXzWcJZsCMQDxuoxj4ZmO30jhkPIcCxGFCOvnUsnfU3TfGcouYm4M6iRpbKvtVnHPiy4bi6pcKf0="},{"rawBytes":"MIICiDCCAg6gAwIBAgIUZsIuSv9NkpJCNqtYEfCouVv5BzowCgYIKoZIzj0EAwMwUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTAgFw0yNjA0MDEwMDAwMDBaGA85OTk5MTIzMTIzNTk1OVowVTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjEpMCcGA1UEAwwgTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBJQ0EgMDEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASI72cR3ctKGg4VWnB3bNja6g1Z2PnOmFEopkPof+QeIcPk9rT+g9MjJnq51EQXL93a7C2GJ9J985G4o2V85VD7wJ1RaXhluHW2rf3y8bQGeAYaKMr5s/hUgn+M3/9WlWejgaAwgZ0wHQYDVR0OBBYEFE8akgvEwEGV4lKwEaOswqxvLUKCMB8GA1UdIwQYMBaAFItnoAjjfuCEUvzyvWyI2vOGvwPjMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AubmRpcy5udmlkaWEuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCeIMMfAbyzPDacw2MxG+Yt1cikrJX/DVxiGfXuHmkkXn6VgSzE79+lkqDErpVO2gYCMCNEColOyvUvkzZGUEI1hQ3PfMgi3FIo9tHoBKMw4/wGBLFpu/0ubtmbBXM6/UMOEw=="},{"rawBytes":"MIICRTCCAcygAwIBAgIUeJdY3rV86EdvFmG7L8LJBsyQFYkwCgYIKoZIzj0EAwMwUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTAgFw0yNjA0MDEwMDAwMDBaGA85OTk5MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGzAZBgNVBAoMEk5WSURJQSBDb3Jwb3JhdGlvbjElMCMGA1UEAwwcTlZJRElBIEFnZW50IENhcGFiaWxpdGllcyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABAYpiXCDjJ9NT2eSDhyHJVSw1Tbze18cGG2F/578oWvHxg23eQAhNRYdq88i1iOshZSO6C29doKui5Xpmo/7Ctw9Sx4PP2RzOmIuOLCuTdNtKcTRwi4GEsd5BAFvWj42M6NjMGEwHQYDVR0OBBYEFItnoAjjfuCEUvzyvWyI2vOGvwPjMB8GA1UdIwQYMBaAFItnoAjjfuCEUvzyvWyI2vOGvwPjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cAMGQCMCwtAjWLaNwgGWNCgdyNoTyvNhqWRECRJV2r3+7w8g0PL6NHLOsbkgE09BH95h8XlgIwTaQmbbUh2ChAJ5TA1wRiVDnCcvbzHlZl2jM2FcwQQZlk19LOAbyGMRixbu2Ww/rj"}]},"tlogEntries":[]},"dsseEnvelope":{"payload":"ewogICJfdHlwZSI6ICJodHRwczovL2luLXRvdG8uaW8vU3RhdGVtZW50L3YxIiwKICAic3ViamVjdCI6IFsKICAgIHsKICAgICAgIm5hbWUiOiAibmVtb2NsYXctdXNlci1tYW5hZ2Utc2FuZGJveGVzIiwKICAgICAgImRpZ2VzdCI6IHsKICAgICAgICAic2hhMjU2IjogIjMzMTIxNWEwMDNhMzc5MDM5MjJkNzI5OTJhN2EyN2ViOWNmYjhhNDE1NDkyMWI3ZjFlMDY5MTk4ODljNGQzZDMiCiAgICAgIH0KICAgIH0KICBdLAogICJwcmVkaWNhdGVUeXBlIjogImh0dHBzOi8vbW9kZWxfc2lnbmluZy9zaWduYXR1cmUvdjEuMCIsCiAgInByZWRpY2F0ZSI6IHsKICAgICJyZXNvdXJjZXMiOiBbCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgIm5hbWUiOiAiQkVOQ0hNQVJLLm1kIiwKICAgICAgICAiZGlnZXN0IjogIjU0N2UwY2RiMjhkMTFkMjdlNTVlN2FkYmFiZmQ0YjBmOTk1OWFhNWEzYjk2NGRjZjVkYTc1NzgxYTZmZDQ3OTUiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgIm5hbWUiOiAiU0tJTEwubWQiLAogICAgICAgICJkaWdlc3QiOiAiMTI3ZmU1MzY3NGUxYzQ5NGFjYjMzMmUzZDZhODJmMmFmZDhlOWExNjJiOGExZWIyMTMwYzA5ZGNkODExNjYzNCIKICAgICAgfSwKICAgICAgewogICAgICAgICJhbGdvcml0aG0iOiAic2hhMjU2IiwKICAgICAgICAibmFtZSI6ICJldmFscy9ldmFscy5qc29uIiwKICAgICAgICAiZGlnZXN0IjogIjYxNDZjYmNhZWQxNGE0MmVkY2M4OWNhYTI2NDNiYjg0YjQ5YzQyM2I2ZjQxYjg4ODRhYjZmOWE3ZmRlOTUxYzgiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgIm5hbWUiOiAicmVmZXJlbmNlcy9iYWNrdXAtcmVzdG9yZS5tZCIsCiAgICAgICAgImRpZ2VzdCI6ICJjZjczNDg1ODQxN2FlNGNmYmU1MzM0Y2Y0ODdkZTkzNTE3ODU4Y2I3MmRiMTdhMDUwYWI5ZGNjNWQ4N2ZiMTk0IgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJuYW1lIjogInJlZmVyZW5jZXMvbGlmZWN5Y2xlLWRldGFpbHMubWQiLAogICAgICAgICJkaWdlc3QiOiAiMTVkZGZkNmJjMWJkYmM2OGYzMWI1NGU5M2I0YTMyYWEwYzhhZGIxNDkwNjEzZDE2NTJjMWQ2MzYxNDhkYzExNiIKICAgICAgfSwKICAgICAgewogICAgICAgICJhbGdvcml0aG0iOiAic2hhMjU2IiwKICAgICAgICAibmFtZSI6ICJyZWZlcmVuY2VzL21lc3NhZ2luZy1jaGFubmVscy5tZCIsCiAgICAgICAgImRpZ2VzdCI6ICJmMDc4ZDMwZTJmNDViMTRmNzgyOGJkNzFmYzM4ODcwNGUxN2MxNmFmNTQwYTVjMDZkOWY2NDk1MGQyYzVkYTljIgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJuYW1lIjogInJlZmVyZW5jZXMvcnVudGltZS1jb250cm9scy5tZCIsCiAgICAgICAgImRpZ2VzdCI6ICIyYjdhNjljMjg5MTg3MGQ1MmU1NTdjZWQxYjBmYTUxMzIyZGJmNDc1MGVmNjQzYTAwNDVjNWUwYzI2ZTg3NzgzIgogICAgICB9LAogICAgICB7CiAgICAgICAgImFsZ29yaXRobSI6ICJzaGEyNTYiLAogICAgICAgICJuYW1lIjogInJlZmVyZW5jZXMvd29ya3NwYWNlLWZpbGVzLm1kIiwKICAgICAgICAiZGlnZXN0IjogIjRiOWQzYzQ4NmU4MGY3NDJmYmYzYWU2ZWRjN2FkZDQ5ODNhZDIwY2Y5NGVkOGZhOGIzNDkwNzNlOTY5NjIxZGYiCiAgICAgIH0sCiAgICAgIHsKICAgICAgICAiYWxnb3JpdGhtIjogInNoYTI1NiIsCiAgICAgICAgIm5hbWUiOiAic2tpbGwtY2FyZC5tZCIsCiAgICAgICAgImRpZ2VzdCI6ICI3YzU5ZDYwZGE2NGQyMjY5MDI3ZmEzNzc1ZmI5YTI4ZGU0ZjMwZjA2YjhhZDljNDg2YjAxODM2ODNiMTdjZTc3IgogICAgICB9CiAgICBdLAogICAgInNlcmlhbGl6YXRpb24iOiB7CiAgICAgICJtZXRob2QiOiAiZmlsZXMiLAogICAgICAiYWxsb3dfc3ltbGlua3MiOiBmYWxzZSwKICAgICAgImlnbm9yZV9wYXRocyI6IFsKICAgICAgICAiLmdpdGh1YiIsCiAgICAgICAgIi5naXQiLAogICAgICAgICIuZ2l0aWdub3JlIiwKICAgICAgICAiLmdpdGF0dHJpYnV0ZXMiCiAgICAgIF0sCiAgICAgICJoYXNoX3R5cGUiOiAic2hhMjU2IgogICAgfQogIH0KfQ==","payloadType":"application/vnd.in-toto+json","signatures":[{"sig":"MGUCMQDh9XgVgbNeklWOCCE793BAiDW3vovJS0qHNs3ja3HoJT/GeDbZDPoAMR+7iLC2V1kCMAycS44pDP81fVwQ8AA+1qoqK4BIClcr7xu+vM5P2LDquvuaE2/tvKRTRH0/uIAMTw==","keyid":""}]}} \ No newline at end of file