nemoclaw-user-configure-security
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
Chinese<!-- SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -->
<!-- SPDX-License-Identifier: Apache-2.0 -->
<!-- SPDX-FileCopyrightText: Copyright (c) 2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved. -->
<!-- SPDX-License-Identifier: Apache-2.0 -->
NemoClaw Security Best Practices: Controls, Risks, and Posture Profiles
NemoClaw安全最佳实践:控制措施、风险与态势配置文件
References
参考资料
- Load references/best-practices.md when evaluating security posture, reviewing sandbox security defaults, or assessing control trade-offs. Presents a risk framework for every configurable security control in NemoClaw.
- Load references/openclaw-controls.md when reviewing the security boundary between NemoClaw and OpenClaw or assessing what NemoClaw does not cover. Lists OpenClaw security controls that operate independently of NemoClaw, including prompt injection detection, tool access control, rate limiting, environment variable policy, audit framework, supply chain scanning, messaging access policy, context visibility, and safe regex.
- Load references/credential-storage.md when reviewing how credentials are handled, locating a stored credential, or assessing the storage threat model. Covers where NemoClaw stores provider credentials, why nothing is persisted to host disk, and how the OpenShell gateway acts as the single system of record.
- 加载references/best-practices.md 适用于评估安全态势、审查沙箱安全默认设置或评估控制权衡场景。该文档为NemoClaw中的每一项可配置安全控制提供风险框架。
- 加载references/openclaw-controls.md 适用于审查NemoClaw与OpenClaw之间的安全边界,或评估NemoClaw未覆盖的范围。该文档列出了独立于NemoClaw运行的OpenClaw安全控制措施,包括prompt injection检测、tool access control、rate limiting、environment variable policy、audit framework、supply chain scanning、messaging access policy、context visibility以及safe regex。
- 加载references/credential-storage.md 适用于审查凭证处理方式、查找已存储凭证或评估存储威胁模型。该文档涵盖NemoClaw存储提供商凭证的位置、不将任何内容持久化到主机磁盘的原因,以及OpenShell网关如何作为单一记录系统。