Published on SSRN
NVIDIA NemoClaw
Apple Silicon
cs.CR
We found three security bugs in NVIDIA's NemoClaw. Then we fixed them -- on an Apple Mac Studio.
NemoClaw on Apple Silicon: Validating and Fixing NVIDIA's Enterprise Agent Security Stack on Consumer Hardware
Adnan Tanveer (Addy) · Speedrun AI Labs, Sydney · April 13, 2026 · v2.1 · SSRN 6587938
NVIDIA NemoClaw provides a six-layer enterprise security stack for autonomous AI agents running on the OpenClaw platform. The architecture was designed and announced alongside NVIDIA DGX hardware at GTC 2026. DGX Station systems list at US$80,000 to US$125,000. This paper validates the complete NVIDIA NemoClaw/OpenShell security stack on an Apple Mac Studio (M4 Max, 64 GB unified memory, A$4,849) via Docker Desktop. We identify three enforcement gaps in NVIDIA OpenShell v0.0.26: root-user bypass of Landlock via CAP_DAC_OVERRIDE, missing seccomp filters for AF_PACKET and AF_NETLINK, and a missing TLS CA certificate mount. We develop and publish fixes for all three gaps, achieving 6 of 6 security layers passing. We also benchmark sandbox startup latency, memory overhead, and infrastructure cost, demonstrating that enterprise-grade agent security is achievable on Apple Silicon at approximately 4% of NVIDIA DGX Station pricing.
Published on SSRN
NVIDIA Nemotron
Apple Silicon
cs.AI
One Apple Mac Mini. One NVIDIA Nemotron model. A fully autonomous AI agent -- replicated from PDFs.
Deploying Self-Improving AI Agents on Apple Silicon with OpenClaw and NVIDIA Nemotron
Adnan Tanveer (Addy) · Speedrun AI Labs, Sydney · April 13, 2026 · v2.1 · SSRN 6690499
Deploying autonomous AI agents in production requires extensive configuration of infrastructure, security policies, memory systems, scheduled tasks, and operational tooling. This paper documents the replication of a fully operational AI agent from one Apple Silicon machine to another using PDF specification documents executed by an AI deployment assistant. We present a nine-phase replication methodology that deploys a complete agent stack from specification documents alone, including nine custom skills, four scheduled cron jobs, a hardened self-improvement hook system, and local inference via NVIDIA Nemotron 3 Nano 30B on Ollama. We document a self-improvement architecture in which agents log errors and corrections, promote recurring patterns to permanent identity files, and inject live learning summaries at every session bootstrap. We validate the deployment with a three-pass, 69-check verification audit achieving zero errors. The target agent operates on an Apple Mac Studio (M4 Max) in a regulated investment fintech environment, running marketing workloads with NVIDIA NemoClaw providing all six security layers.
Published on SSRN
cs.SE
OpenClaw
The first production fix for OpenClaw's broken memory.
Building Fault-Tolerant Memory for OpenClaw AI Agents: A Three-Layer Architecture for the SQLITE_CANTOPEN Regression in 2026.3.x
Adnan Tanveer (Addy) · Speedrun AI Labs, Sydney · March 16, 2026 · v1.1 · SSRN 6436099
OpenClaw's default memory system exhibits recurring reliability failures: SQLite crashes, dirty indexes, and complete persistence loss during active sessions. This paper presents a three-layer fault-tolerant architecture combining pre-compaction memory flushing, QMD-based local hybrid search, and Mem0 self-hosted on Qdrant, validated in a production deployment on a Mac Mini that eliminated all documented failure modes while maintaining zero cloud dependency for search.
Published on SSRN
cs.CR
NemoClaw
The first inside look at NVIDIA's NemoClaw. Published the day after GTC 2026.
Inside NemoClaw: An Architectural Analysis of NVIDIA's Enterprise Security Stack for Autonomous AI Agents
Adnan Tanveer (Addy) · Speedrun AI Labs, Sydney · March 17, 2026, one day after GTC 2026 · v1.0 · SSRN 6436138
NVIDIA NemoClaw, announced at GTC 2026 by Jensen Huang, is the first major vendor implementation of enterprise-grade security for OpenClaw autonomous AI agents. This paper presents the first detailed public decomposition of the NemoClaw and OpenShell security architecture across six layers: Landlock filesystem isolation, seccomp BPF syscall filtering, network namespace isolation, OPA/Rego policy enforcement, TLS inspection, and provider-agnostic inference routing, derived from direct inspection of both open-source codebases.