Pinchy vs NemoClaw

Different layers. Different problems. One stack.
NemoClaw secures the runtime. Pinchy manages the team.

The Short Version

NemoClaw is Nvidia's open-source security layer for OpenClaw. It sandboxes agents at the kernel level so they can't escape their boundaries, even if compromised.

Pinchy is an open-source enterprise platform for OpenClaw. It gives your team a web interface, user management, agent configuration, and audit trails so non-technical people can actually work with AI agents.

They don't compete. They stack.

Feature Comparison

Pinchy NemoClaw
Primary purpose Team platform for AI agents Runtime security for AI agents
Web interface Full web UI with chat CLI only
User management Multi-user with RBAC Single-user
Role-based access Per-agent, per-user permissions Not applicable
Agent personalities SOUL.md, knowledge bases Not in scope
Kernel-level sandboxing Docker-level isolation Landlock, seccomp, namespaces
Out-of-process policy Application-level controls Agent can't override policies
Network isolation Docker network rules Kernel-level network namespaces
Audit trail Tamper-evident, web UI Session monitoring, logs
Multi-channel messaging Web UI + per-agent Telegram bots Not in scope
Privacy routing Self-hosted, BYO API keys Inference request routing
Maturity v0.5.x (active development) Alpha (expect rough edges)
License AGPL-3.0 Apache 2.0
Self-hosted Docker deploy Linux only (OpenShell)

What NemoClaw Does Well

Credit where it's due. NemoClaw's architecture makes a fundamentally sound decision: guardrails live outside the agent process.

This matters because application-level security has an inherent weakness. If an agent is compromised through prompt injection or tool misuse, it could potentially modify its own restrictions. NemoClaw eliminates this attack vector by enforcing policies at the kernel level, in a separate process the agent can't touch.

Landlock + seccomp

Linux kernel security modules that restrict filesystem access and system calls. The agent process physically cannot access files or make network calls outside its policy.

Network Namespaces

Each sandbox gets its own network stack. An agent meant to access only your internal API literally cannot reach the internet, enforced by the kernel.

Privacy Routing

Control which AI providers receive which data. Sensitive queries stay on-premise. Routine tasks can use cloud models. Policy-driven, not hope-driven.

This is the kind of infrastructure work that makes the entire ecosystem more trustworthy. We're glad Nvidia is building it.

What Pinchy Adds on Top

NemoClaw secures the runtime. But security alone doesn't make AI agents usable for a team of 20 people. That's where Pinchy comes in.

Chat Interface

Your marketing team, your finance team, your HR department. They need to talk to agents in a browser, not a terminal. Pinchy gives them a clean web UI they already know how to use.

User Management

Who can talk to which agent? Marketing gets the content agent. Finance gets the accounting agent. Nobody accidentally triggers something they shouldn't. RBAC that maps to your org chart.

Agent Personalities

SOUL.md files define how agents behave, what tone they use, what they know. Knowledge bases give them company context. This isn't security, it's usability, and it's what makes agents actually useful.

Readable Audit Trail

NemoClaw logs at the system level. Pinchy logs at the business level: who asked what, what the agent did, which tools it used. Your compliance officer can read it without being a sysadmin.

Multi-Channel

Meet your team where they work. Web UI plus per-agent Telegram bots. One agent, multiple channels. NemoClaw doesn't do messaging, it's not meant to.

Zero-Config Deploy

One Docker command. No Linux kernel modules, no custom runtimes. Pinchy runs wherever Docker runs: Linux, macOS, Windows, cloud, on-prem. NemoClaw requires Linux with specific kernel features.

The Ideal Enterprise Stack

For organizations that want both maximum security and maximum usability, the answer isn't "Pinchy or NemoClaw." It's both.

1

NemoClaw sandboxes the runtime

Agents run inside isolated environments with kernel-enforced policies. Even a compromised agent can't escape. Network access, filesystem access, system calls — all locked down at the OS level.

2

Pinchy manages the humans

Your team interacts through Pinchy's web UI and messaging integrations. RBAC ensures the right people talk to the right agents. The audit trail captures every interaction for compliance.

3

Two layers, one stack

Infrastructure-grade security below. Human-friendly management above. Each layer does what it's best at. Neither tries to be both.

Note: NemoClaw is currently in alpha and requires Linux with OpenShell. We're monitoring its development and will document the integration path as it stabilizes.

Which One Do You Need?

Small team, getting started with AI agents

Pinchy. Docker deploy, web UI, start chatting with agents in minutes. Add NemoClaw later when your security requirements grow.

Security-first environment, Linux infrastructure

Both. NemoClaw for kernel-level isolation, Pinchy for the team-facing platform. Defense in depth.

Research team, single developer

Plain OpenClaw. You might not need either yet. Both Pinchy and NemoClaw shine when multiple people interact with agents.

Regulated industry (finance, healthcare)

Both. NemoClaw's out-of-process policy enforcement plus Pinchy's tamper-evident audit trail covers the compliance stack top to bottom.

Non-technical teams need agent access

Pinchy. Your marketing, HR, or finance team talks to agents through a web UI or Telegram. No terminal, no setup, no training required.

Running agents on untrusted code or inputs

NemoClaw. When agents process external data that could contain prompt injections, kernel-level isolation prevents any breakout. Add Pinchy for the management layer.

See Pinchy in Action

30-minute demo. No pitch deck. We'll show you the platform, discuss your security requirements, and talk about how Pinchy fits your stack.

Book a Demo

Frequently asked questions.

Is Pinchy a NemoClaw alternative?

No. Pinchy and NemoClaw solve different problems. NemoClaw is a runtime security layer that sandboxes OpenClaw agents at the kernel level. Pinchy is an application platform that gives teams a web interface, user management, RBAC, and audit trails for working with AI agents. They are complementary and can be used together.

Can I use Pinchy and NemoClaw together?

Yes. The ideal enterprise stack runs OpenClaw agents inside NemoClaw's sandboxed runtime, managed through Pinchy's web interface. Infrastructure-grade security below, human-friendly management above.

What does NemoClaw do that Pinchy doesn't?

NemoClaw provides kernel-level sandboxing via Landlock, seccomp, and network namespaces. It enforces policies outside the agent process, meaning even a compromised agent can't disable its own restrictions. This is infrastructure-level security that sits below any application layer.

What does Pinchy do that NemoClaw doesn't?

Pinchy provides the human layer: web-based chat interface, multi-user access with Admin/Member roles plus Groups, agent personality configuration, knowledge bases, a tamper-evident HMAC-signed audit trail with a readable UI, and per-agent Telegram bots. NemoClaw is a CLI tool with no user interface.