NemoClaw Integration
AgentVault enables secure cross-sandbox communication for agents running inside NVIDIA NemoClaw environments. The integration uses a dual-delivery strategy: install-time setup via npm packages, and runtime network-policy enforcement via OpenShell presets.
Architecture
```text
┌──────────────────────┐      ┌──────────────────────┐
│  NemoClaw Sandbox A  │      │  NemoClaw Sandbox B  │
│                      │      │                      │
│  ┌────────────────┐  │      │  ┌────────────────┐  │
│  │  Agent Alpha   │  │      │  │  Agent Beta    │  │
│  │  + AV Plugin   │  │      │  │  + AV Plugin   │  │
│  └───────┬────────┘  │      │  └───────┬────────┘  │
│          │           │      │          │           │
│  ┌───────▼────────┐  │      │  ┌───────▼────────┐  │
│  │  MCP Server    │  │      │  │  MCP Server    │  │
│  │  (agentvault)  │  │      │  │  (agentvault)  │  │
│  └───────┬────────┘  │      │  └───────┬────────┘  │
│          │           │      │          │           │
│  ┌───────▼────────┐  │      │  ┌───────▼────────┐  │
│  │  OpenShell     │  │      │  │  OpenShell     │  │
│  │  Policy Engine │  │      │  │  Policy Engine │  │
│  └───────┬────────┘  │      │  └───────┬────────┘  │
└──────────┼───────────┘      └──────────┼───────────┘
           │                             │
           └─────────┐       ┌───────────┘
                     ▼       ▼
             ┌──────────────────────┐
             │   AgentVault Relay   │
             │ (api.agentvault.chat)│
             │  E2E encrypted relay │
             │  Hash-chain audit    │
             │  Trust scoring       │
             └──────────────────────┘
```
Dual-Delivery Strategy
Install-Time (npm preset)
The AgentVault npm packages are installed inside the sandbox during environment setup:
```bash
npm install @agentvault/mcp-server @agentvault/sdk
```
This provides:
- MCP server binary with 4 tools
- Client SDK for programmatic integration
- Crypto library for local encryption/decryption
Runtime (OpenShell policy preset)
The agentvault.yaml OpenShell policy preset allow-lists the AgentVault infrastructure endpoints below; any egress not on this list is blocked:
```yaml
# presets/agentvault.yaml
name: agentvault
version: 1.0.0
description: AgentVault secure enclave communications

network:
  egress:
    - host: api.agentvault.chat
      port: 443
      protocol: https
      purpose: Skill discovery + message relay
    - host: ws.agentvault.chat
      port: 443
      protocol: wss
      purpose: Real-time encrypted messaging
    - host: audit.agentvault.chat
      port: 443
      protocol: https
      purpose: Hash-chained audit trail
    - host: otel.agentvault.chat
      port: 4318
      protocol: https
      purpose: OTLP/HTTP telemetry export
    - host: registry.agentvault.chat
      port: 443
      protocol: https
      purpose: Signed skill artifact registry

capabilities:
  crypto:
    - XChaCha20-Poly1305
    - Ed25519
    - X25519
    - BLAKE2b
    - HKDF-SHA-512
```
Setup
1. Configure the MCP Server
Add the following to the agent’s MCP configuration:
```json
{
  "mcpServers": {
    "agentvault": {
      "command": "npx",
      "args": ["-y", "@agentvault/mcp-server"],
      "env": {
        "AGENTVAULT_ENDPOINT": "https://api.agentvault.chat",
        "AGENTVAULT_AGENT_ID": "sandbox-agent-alpha",
        "AGENTVAULT_PRIVATE_KEY": "${AV_PRIVATE_KEY}"
      }
    }
  }
}
```
2. Enable the OpenShell Preset
```bash
# In the NemoClaw sandbox configuration
policy-enable agentvault
```
This allows the sandbox to communicate with AgentVault infrastructure while blocking all other egress.
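To make the default-deny semantics concrete, here is an added example (not NemoClaw's or OpenShell's policy engine, and not AgentVault project code) that evaluates outbound connection attempts against the egress list of the agentvault preset. The preset is embedded as a plain object rather than parsed from presets/agentvault.yaml; the request list is constructed.

```javascript
// Added example: default-deny egress check against the agentvault preset.
// The preset is embedded as an object instead of being parsed from
// presets/agentvault.yaml, so the example has no dependencies.
const agentvaultPreset = {
  name: "agentvault",
  network: {
    egress: [
      { host: "api.agentvault.chat",      port: 443,  protocol: "https" },
      { host: "ws.agentvault.chat",       port: 443,  protocol: "wss" },
      { host: "audit.agentvault.chat",    port: 443,  protocol: "https" },
      { host: "otel.agentvault.chat",     port: 4318, protocol: "https" },
      { host: "registry.agentvault.chat", port: 443,  protocol: "https" },
    ],
  },
};

// Hostnames are case-insensitive and a trailing dot means the root zone, so
// normalise before comparing; "API.AgentVault.chat." is the same endpoint.
function normalizeHost(host) {
  return String(host).trim().toLowerCase().replace(/\.$/, "");
}

// Returns { allowed, reason }. Host, port and protocol must all match one rule
// exactly: no suffix or wildcard matching, and no matching rule means deny.
function evaluateEgress(preset, request) {
  const host = normalizeHost(request.host);
  const port = Number(request.port);
  const protocol = String(request.protocol).toLowerCase();
  for (const rule of preset.network.egress) {
    if (normalizeHost(rule.host) === host && rule.port === port && rule.protocol === protocol) {
      return { allowed: true, reason: `matches egress rule for ${rule.host}` };
    }
  }
  return { allowed: false, reason: `no egress rule for ${protocol}://${host}:${port}` };
}

// Constructed connection attempts a sandboxed agent might make.
const sampleRequests = [
  { host: "api.agentvault.chat", port: 443, protocol: "https" },         // allowed
  { host: "API.AgentVault.chat.", port: "443", protocol: "HTTPS" },       // allowed after normalisation
  { host: "api.agentvault.chat", port: 80, protocol: "http" },            // denied: plaintext HTTP is not listed
  { host: "api.agentvault.chat.example", port: 443, protocol: "https" },  // denied: lookalike, not an exact match
  { host: "otel.agentvault.chat", port: 4318, protocol: "https" },        // allowed
];

function auditDecisions(preset, requests) {
  return requests.map((r) => ({ ...r, ...evaluateEgress(preset, r) }));
}

for (const d of auditDecisions(agentvaultPreset, sampleRequests)) {
  console.log(`${d.allowed ? "ALLOW" : "DENY "} ${d.protocol}://${d.host}:${d.port}  (${d.reason})`);
}
```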
Once configured, agents can use the 4 AgentVault MCP tools:
```javascript
// Discover skills in the marketplace
const skills = await mcp.call("agentvault_discover_skills", {
  query: "code review",
  certification: "certified",
});

// Send an encrypted message
await mcp.call("agentvault_send_message", {
  text: "Analysis complete. See findings below.",
  conversationId: "conv_uuid",
  messageType: "text",
});

// Check policy before executing
const policy = await mcp.call("agentvault_check_policy", {
  skillName: "web-research",
  toolName: "web_search",
  model: "gpt-4",
});

// Log to the audit trail
await mcp.call("agentvault_submit_audit", {
  action: "research_completed",
  details: { queries: 12, sources: 8 },
  traceId: "trace_uuid",
});
```
Cross-Sandbox Communication
Message Flow
```text
Sandbox A: Agent encrypts message
    ↓ (XChaCha20-Poly1305)
    ↓
AgentVault Relay: stores ciphertext, chains audit hash
    ↓ (server never sees plaintext)
    ↓
Sandbox B: Agent decrypts message
    ↓ (Double Ratchet key derivation)
    ↓
Result delivered to agent's context
```
W3C TraceContext Propagation
Trace context propagates across sandbox boundaries:
```text
Sandbox A span → traceparent header → AgentVault relay → traceparent header → Sandbox B span
```
Both sandboxes export telemetry to otel.agentvault.chat:4318, providing a unified trace view across sandbox boundaries.
Use Cases
Multi-Agent Pipeline
A research pipeline spanning multiple NemoClaw sandboxes:
```text
Sandbox 1: Research Agent  → encrypted findings →
Sandbox 2: Writer Agent    → draft document    →
Sandbox 3: Review Agent    → signed approval   →
Sandbox 4: Publisher Agent → published output
```
Each agent communicates exclusively through AgentVault encrypted channels. The review agent issues a signed approval artifact before the publisher can proceed.
Secure Data Handoff
When agents need to pass sensitive data between sandboxes:
- Source agent encrypts data with recipient’s public key
- Ciphertext is relayed through AgentVault
- Recipient agent decrypts the data inside its own isolated sandbox
- Full audit trail maintained with hash-chain integrity
Security Properties
| Property | Guarantee |
|---|---|
| Sandbox isolation | Each sandbox has its own encryption keys and ratchet state |
| Zero-knowledge relay | AgentVault relay stores only ciphertext |
| Policy enforcement | OpenShell preset restricts egress to AgentVault endpoints only |
| Audit trail | Every cross-sandbox message is hash-chain audited |
| Trace correlation | W3C TraceContext links spans across sandbox boundaries |
| Trust verification | Agents verify each other’s trust tier before communication |