WEBVTT

00:00:00.000 --> 00:00:03.040
Imagine coming back to your desk after grabbing

00:00:03.040 --> 00:00:06.139
a quick coffee. Earlier, you asked an

00:00:06.139 --> 00:00:09.779
AI to organize your emails. Right. And it worked

00:00:09.779 --> 00:00:13.480
flawlessly for a while. But then, its memory

00:00:13.480 --> 00:00:15.619
filled up. Yeah, the classic overflow. Exactly.

00:00:15.839 --> 00:00:18.600
It completely forgot your original rules. And

00:00:18.600 --> 00:00:21.280
in a matter of minutes, it decided the most efficient

00:00:21.280 --> 00:00:24.480
way to organize was, well, simply to delete everything.

00:00:24.480 --> 00:00:28.760
Oh, wow. Half your inbox, just gone. That's a

00:00:28.760 --> 00:00:31.000
very real, very terrifying story from a researcher

00:00:31.000 --> 00:00:33.460
at Meta. I mean, it's the absolute definition

00:00:33.460 --> 00:00:36.020
of a modern digital nightmare. It really is.

00:00:36.159 --> 00:00:39.079
Because it's not just a glitch, right? It's a

00:00:39.079 --> 00:00:41.820
fundamental breakdown of trust. Welcome to the

00:00:41.820 --> 00:00:45.159
deep dive. OK. OK, let's unpack this. Today we're

00:00:45.159 --> 00:00:47.600
looking at a massive shift in how we use computers.

00:00:47.740 --> 00:00:50.899
We really are. We're diving into NVIDIA's staggering

00:00:50.899 --> 00:00:54.829
GTC 2026 announcement, tracking the explosive

00:00:54.829 --> 00:00:58.329
growth of a project called OpenClaw and exploring

00:00:58.329 --> 00:01:01.130
this critical pivot from standard chatbots to

00:01:01.130 --> 00:01:03.030
autonomous AI agents. And we're going to spend

00:01:03.030 --> 00:01:05.450
a lot of time on the solution to that exact nightmare

00:01:05.450 --> 00:01:08.370
you just mentioned. Specifically, a tool called

00:01:08.370 --> 00:01:13.810
NemoClaw. It provides the ultimate security guardrails

00:01:14.010 --> 00:01:15.810
for these systems, because we're talking about

00:01:15.810 --> 00:01:18.170
moving from tools that just talk to tools that

00:01:18.170 --> 00:01:21.069
act. Right. But before we get too far into the

00:01:21.069 --> 00:01:25.049
weeds, let's clearly define our terms here. An

00:01:25.049 --> 00:01:28.349
AI agent is simply this, software that achieves

00:01:28.349 --> 00:01:32.750
goals by taking actions for you. And that distinction...

00:01:32.700 --> 00:01:36.120
is everything. With a standard chatbot, you know,

00:01:36.120 --> 00:01:38.519
you're the boss, you ask a question, it predicts

00:01:38.519 --> 00:01:40.500
the most logical text to answer you, and then

00:01:40.500 --> 00:01:43.140
it just stops. Right. It waits. Exactly. It sits

00:01:43.140 --> 00:01:45.579
there and waits for your next command. It's completely

00:01:45.579 --> 00:01:48.379
reactive. But an agent is proactive. I mean,

00:01:48.439 --> 00:01:50.980
you give it a high level goal, like, find the

00:01:50.980 --> 00:01:52.840
best flights for my trip to London next week

00:01:52.840 --> 00:01:55.579
and book the one under $800. Yeah. The agent

00:01:55.579 --> 00:01:58.219
then goes out into the wild and navigates the

00:01:58.219 --> 00:02:00.379
internet. It checks your private calendar for

00:02:00.379 --> 00:02:03.040
conflicts. It pulls your credit card info. And

00:02:03.040 --> 00:02:05.099
it actually clicks the buttons to make the purchase.

00:02:05.260 --> 00:02:07.959
Which is frankly a staggering amount of power

00:02:07.959 --> 00:02:11.020
to hand over to a machine. It really is. If the

00:02:11.020 --> 00:02:13.800
underlying security is weak, that power turns

00:02:13.800 --> 00:02:17.080
into a catastrophic mess almost instantly. And

00:02:17.080 --> 00:02:19.810
this is exactly why... The biggest companies

00:02:19.810 --> 00:02:22.030
in the world are terrified right now. Yeah, they're

00:02:22.030 --> 00:02:24.349
definitely hesitant. Just look at OpenClaw. It's

00:02:24.349 --> 00:02:26.629
an open source platform for building these agents,

00:02:27.069 --> 00:02:29.930
and it's currently the fastest growing open source

00:02:29.930 --> 00:02:32.949
project in history. Wow. I mean, it grew faster

00:02:32.949 --> 00:02:35.370
than Linux, faster than almost any app we use

00:02:35.370 --> 00:02:39.530
today. But the enterprise world is keeping their

00:02:39.530 --> 00:02:41.210
hands in their pockets. They're watching this

00:02:41.210 --> 00:02:44.909
explosive growth, but they're holding back. At

00:02:44.909 --> 00:02:48.770
the GTC 2026 conference in San Jose, NVIDIA's

00:02:48.770 --> 00:02:52.530
CEO Jensen Huang stood in front of 30,000 people

00:02:52.530 --> 00:02:55.909
and gave a very stark warning. He said every

00:02:55.909 --> 00:02:58.990
single company needs a strategy for agents. But

00:02:58.990 --> 00:03:00.689
he followed that up by warning that these agents

00:03:00.689 --> 00:03:03.270
can access your private files and autonomously

00:03:03.270 --> 00:03:05.330
talk to people outside your company. And that

00:03:05.330 --> 00:03:07.669
brings us to the two main nightmare scenarios

00:03:07.669 --> 00:03:10.300
keeping business owners awake at night. The first

00:03:10.300 --> 00:03:12.719
is private data physically leaving the building.

00:03:13.379 --> 00:03:15.360
Let's explore that mechanism. How does the data

00:03:15.360 --> 00:03:18.080
actually leak? Well, most of the powerful AI

00:03:18.080 --> 00:03:20.819
models we use live in the cloud. They're sitting

00:03:20.819 --> 00:03:24.219
on massive server farms. So if you ask a helpful

00:03:24.219 --> 00:03:26.960
agent to, say, summarize a highly classified

00:03:26.960 --> 00:03:29.780
corporate contract, that contract often travels

00:03:29.780 --> 00:03:31.879
over the internet to a server owned by another

00:03:31.879 --> 00:03:34.919
company, like OpenAI or Google. If that third

00:03:34.919 --> 00:03:37.300
party gets hacked, or if they use your data to

00:03:37.300 --> 00:03:40.000
train their next model, your data is just gone.

00:03:40.680 --> 00:03:43.180
Without strong guardrails, handing a document

00:03:43.180 --> 00:03:46.020
to an agent is basically making it public. And

00:03:46.020 --> 00:03:48.259
the second nightmare brings us right back to

00:03:48.259 --> 00:03:49.879
our Meta researcher at the start of the show.

00:03:49.900 --> 00:03:53.699
Yes. The hallucination problem. This ties into

00:03:53.699 --> 00:03:56.419
a technical concept called the context window.

00:03:56.819 --> 00:04:00.319
Think of it like this. The AI's short-term memory

00:04:00.319 --> 00:04:03.340
while working on a specific task. When you start

00:04:03.340 --> 00:04:05.780
a task, that memory is completely empty. It's

00:04:05.780 --> 00:04:09.259
fresh. Exactly. But as the agent works on a long,

00:04:09.500 --> 00:04:12.460
complex task like reading 500 emails, categorizing

00:04:12.460 --> 00:04:14.800
them, cross-referencing dates, that short-term

00:04:14.800 --> 00:04:17.160
memory fills up. Right. When it gets completely

00:04:17.160 --> 00:04:20.459
full, the AI's attention mechanism gets diluted.

00:04:20.620 --> 00:04:23.360
It essentially loses the plot. The crash happens

00:04:23.360 --> 00:04:26.740
and the agent starts to hallucinate. It literally

00:04:26.740 --> 00:04:29.500
pushes the original rules you gave it right out

00:04:29.500 --> 00:04:32.079
of its memory buffer to make room for new data.

00:04:32.660 --> 00:04:35.899
It's like handing your wallet and your keys to

00:04:35.899 --> 00:04:39.300
an incredibly eager but severely forgetful intern.

00:04:40.600 --> 00:04:43.000
That's a great way to put it.

00:04:43.259 --> 00:04:45.649
You know, I have to be honest here. I still wrestle

00:04:45.649 --> 00:04:48.129
with trusting AI to draft my emails, let alone

00:04:48.129 --> 00:04:50.529
send them. Oh, absolutely. The idea of giving

00:04:50.529 --> 00:04:52.810
it my credit card and letting it loose feels

00:04:52.810 --> 00:04:55.790
terrifying. How do we actually know when the

00:04:55.790 --> 00:04:58.389
context window is full and the agent has just

00:04:58.389 --> 00:05:00.389
gone rogue? You usually see it in the output,

00:05:00.529 --> 00:05:03.069
and it happens fast. The behavior becomes highly

00:05:03.069 --> 00:05:06.970
erratic. The agent completely ignores your original

00:05:06.970 --> 00:05:09.490
prompt instructions. It might start repeating

00:05:09.490 --> 00:05:11.930
the same action in an infinite loop, or worse.

00:05:12.069 --> 00:05:14.170
Deleting things. Yeah, taking destructive action,

00:05:14.389 --> 00:05:16.850
like deleting an inbox, because those invisible

00:05:16.850 --> 00:05:19.480
boundaries keeping it in check are just... So

00:05:19.480 --> 00:05:22.300
a full memory makes the agent entirely forget

00:05:22.300 --> 00:05:25.180
its original boundaries. Precisely. And that

00:05:25.180 --> 00:05:27.899
structural flaw is what's holding back the massive

00:05:27.899 --> 00:05:30.459
transition we're on the edge of. Which begs the

00:05:30.459 --> 00:05:34.319
obvious question. If the risks of catastrophic

00:05:34.319 --> 00:05:37.139
data loss or erratic behavior are so profoundly

00:05:37.139 --> 00:05:39.899
high, why are businesses adopting this at all?

00:05:40.399 --> 00:05:42.540
Why not just stick to traditional, predictable

00:05:42.540 --> 00:05:45.120
software? Because the efficiency gains are simply

00:05:45.120 --> 00:05:47.779
too massive to ignore. We're talking about compressing

00:05:47.779 --> 00:05:50.899
weeks of labor into minutes. But businesses need

00:05:50.899 --> 00:05:53.480
a safety net before they'll jump. And that's

00:05:53.480 --> 00:05:56.699
where NemoClaw comes in. NVIDIA essentially created

00:05:56.699 --> 00:05:59.180
what the sources call a security wrap. I really

00:05:59.180 --> 00:06:02.220
like that term. It implies the core AI is still

00:06:02.220 --> 00:06:05.389
there, just contained. Yeah, exactly. Think of

00:06:05.389 --> 00:06:08.089
standard software like a train on tracks. It

00:06:08.089 --> 00:06:10.610
can only go exactly where the pre-programmed

00:06:10.610 --> 00:06:13.870
rails lead. An AI agent is more like a powerful

00:06:13.870 --> 00:06:16.610
off-road vehicle. It can go absolutely anywhere

00:06:16.610 --> 00:06:18.829
to reach its destination, but without limits,

00:06:19.029 --> 00:06:21.899
it might drive off a cliff. NemoClaw acts as

00:06:21.899 --> 00:06:24.740
the GPS geofence. It monitors the vehicle and

00:06:24.740 --> 00:06:26.800
instantly cuts the engine if the agent tries

00:06:26.800 --> 00:06:29.199
to cross a restricted border. It's the steering

00:06:29.199 --> 00:06:31.540
wheel, the brakes, and the seatbelt for that

00:06:31.540 --> 00:06:33.920
raw OpenClaw engine. What surprised me most in

00:06:33.920 --> 00:06:36.300
the research is the simplicity of deploying it.

00:06:36.740 --> 00:06:39.000
The sources note it's a one-line install on

00:06:39.000 --> 00:06:41.379
Linux. You just type a basic command into your

00:06:41.379 --> 00:06:44.199
terminal, literally grabbing the package from

00:06:44.199 --> 00:06:46.500
the web and telling your system to run it, and

00:06:46.500 --> 00:06:49.339
you're done. It's that easy. No complex configuration.

00:06:49.800 --> 00:06:52.360
It takes enterprise-grade security and makes

00:06:52.360 --> 00:06:54.839
it accessible to small businesses who don't have

00:06:54.839 --> 00:06:57.980
massive IT teams. And that ease of use is driving

00:06:57.980 --> 00:07:01.060
a paradigm shift. Jensen Huang calls it the move

00:07:01.060 --> 00:07:04.959
from SaaS to AAS. Software as a service, moving

00:07:04.959 --> 00:07:07.680
to agents as a service. Right. With SaaS, you

00:07:07.680 --> 00:07:10.680
use a tool like Slack or Notion or Excel. You

00:07:10.680 --> 00:07:12.519
log in, you click the buttons, you do the heavy

00:07:12.519 --> 00:07:15.120
lifting. The software just provides a nice interface

00:07:15.120 --> 00:07:18.300
to help you stay organized. But in an AAS world,

00:07:18.360 --> 00:07:20.139
you don't use the software to write a financial

00:07:20.139 --> 00:07:22.899
report. You hire an agent that writes the report

00:07:22.899 --> 00:07:26.579
for you. Wow. It finds the data in your spreadsheets,

00:07:26.779 --> 00:07:29.000
drafts the email, and sends it to your boss.

00:07:29.279 --> 00:07:31.439
Now, NVIDIA is taking a very specific stance

00:07:31.439 --> 00:07:34.079
with NemoClaw. They're calling it the Switzerland

00:07:34.079 --> 00:07:36.759
of AI. Yeah, the neutral ground. They claim it's

00:07:36.759 --> 00:07:38.920
totally neutral. It works with GPT-4, it works

00:07:38.920 --> 00:07:41.860
with Claude, Gemini, or even local models. But

00:07:41.860 --> 00:07:44.279
I have to push back on the Switzerland concept

00:07:44.279 --> 00:07:47.100
for a second. Go ahead. If it's perfectly neutral

00:07:47.100 --> 00:07:50.399
and it sits on top of a brilliant, highly capable

00:07:50.399 --> 00:07:53.699
model like GPT-4, doesn't it fundamentally act

00:07:53.699 --> 00:07:56.240
like a universal speed limiter on a Ferrari?

00:07:57.230 --> 00:08:00.069
Aren't we kind of crippling the AI's natural

00:08:00.069 --> 00:08:03.050
intelligence by putting it in this rigid box?

00:08:03.410 --> 00:08:05.329
It seems that way at first glance, but let's

00:08:05.329 --> 00:08:08.129
stick with the Ferrari analogy. OK. Brakes don't

00:08:08.129 --> 00:08:11.029
exist to make a car slow. Brakes exist to allow

00:08:11.029 --> 00:08:13.709
a car to go incredibly fast, safely. Well, that's

00:08:13.709 --> 00:08:16.209
a good point. By providing guaranteed mathematically

00:08:16.209 --> 00:08:19.829
proven security, NemoClaw actually allows you

00:08:19.829 --> 00:08:22.949
to give the AI way more complex, high-stakes

00:08:22.949 --> 00:08:25.629
tasks. If you know for a fact it can't leak your

00:08:25.629 --> 00:08:27.790
data, you're willing to let it analyze your entire

00:08:27.790 --> 00:08:30.509
corporate database. Right. It frees the AI to

00:08:30.509 --> 00:08:33.210
operate at maximum capability within a defined

00:08:33.210 --> 00:08:35.750
safe zone. What fundamentally changes for the

00:08:35.750 --> 00:08:38.389
user in an AAS world compared to traditional

00:08:38.389 --> 00:08:40.730
automation? Traditional automation is incredibly

00:08:40.730 --> 00:08:43.450
rigid. It only follows fixed if-then rules.

00:08:43.870 --> 00:08:48.649
If X happens, do Y. AAS involves independent

00:08:48.649 --> 00:08:51.690
dynamic decision -making. The agent encounters

00:08:51.690 --> 00:08:54.730
a totally new problem, evaluates its options,

00:08:55.230 --> 00:08:58.169
and chooses the best path forward to achieve

00:08:58.169 --> 00:09:00.570
your overarching goal. Instead of you using software,

00:09:00.730 --> 00:09:03.169
the agent uses the software for you. That's a

00:09:03.169 --> 00:09:04.909
perfect distillation of it. We're going to take

00:09:04.909 --> 00:09:07.690
a brief pause here for a mid-roll sponsor read.

00:09:07.769 --> 00:09:09.970
When we come back, we'll lift the hood on how

00:09:09.970 --> 00:09:13.250
this security actually works. OK, we're

00:09:13.250 --> 00:09:16.009
back. Let's lift the hood on the security route.

00:09:16.070 --> 00:09:18.529
We need to see the exact mechanics here. How

00:09:18.529 --> 00:09:20.929
does this system physically stop the Ferrari

00:09:20.929 --> 00:09:23.090
from crashing into the wall? Well, there are

00:09:23.090 --> 00:09:25.690
three main engines that make NemoClaw work. It

00:09:25.690 --> 00:09:28.370
isn't just one piece of code. It's a team of

00:09:28.370 --> 00:09:30.450
three specific technologies working together.

00:09:30.850 --> 00:09:33.450
The first one is called the privacy router. The

00:09:33.450 --> 00:09:35.830
traffic cop? Yes. And here's how it actually

00:09:35.830 --> 00:09:38.389
works behind the scenes. It acts as an immediate

00:09:38.389 --> 00:09:40.549
filter before any internet connection is even

00:09:40.549 --> 00:09:43.190
opened. Right. It routes your data based on strict

00:09:43.190 --> 00:09:45.789
rules. Let's say your agent needs to check the

00:09:45.789 --> 00:09:48.720
weather in Chicago to plan a trip. The router

00:09:48.720 --> 00:09:51.879
looks at that query, sees it's public info, and

00:09:51.879 --> 00:09:54.480
routes it to a smart cloud model like GPT-4.

00:09:54.659 --> 00:09:58.059
Makes sense. But if the next query involves the

00:09:58.059 --> 00:10:00.179
agent pulling a customer's credit card number

00:10:00.179 --> 00:10:03.000
to book the flight, the router spots that sensitive

00:10:03.000 --> 00:10:05.759
data format and instantly redirects the task.

00:10:05.779 --> 00:10:09.179
Wow. It forces the agent to use a smaller, local

00:10:09.179 --> 00:10:11.360
model running solely on your office computer.

00:10:11.740 --> 00:10:14.139
So your most sensitive data never even leaves

00:10:14.139 --> 00:10:17.490
the physical building. Whoa.

00:10:18.470 --> 00:10:21.409
Imagine an agent securely routing a billion queries

00:10:21.409 --> 00:10:24.409
locally in milliseconds. It's wild. We're talking

00:10:24.409 --> 00:10:26.830
about automating human level discretion at machine

00:10:26.830 --> 00:10:29.029
speed. It fundamentally changes what a secure

00:10:29.029 --> 00:10:31.210
company looks like. But keeping the data in the

00:10:31.210 --> 00:10:33.570
building isn't enough, right? Right. Once it's

00:10:33.570 --> 00:10:36.110
inside, what stops the agent from emailing that

00:10:36.110 --> 00:10:38.610
local data to someone else by accident? That

00:10:38.610 --> 00:10:41.049
requires a second layer. Which brings us to the

00:10:41.049 --> 00:10:43.809
OpenShell guardrails. This is the fenced-in

00:10:43.809 --> 00:10:46.789
playground. Exactly. The agent can play with

00:10:46.789 --> 00:10:49.889
the approved tools inside the fence: specific

00:10:49.889 --> 00:10:51.929
files, specific internal tools, whatever you

00:10:51.929 --> 00:10:55.049
allow. But it absolutely cannot jump the fence

00:10:55.049 --> 00:10:57.870
without the key. What's fascinating here is how

00:10:57.870 --> 00:11:00.529
simple the control mechanism is. You don't need

00:11:00.529 --> 00:11:03.210
a PhD in computer science to control these advanced

00:11:03.210 --> 00:11:07.590
AI agents. You use basic YAML text files. For

00:11:07.590 --> 00:11:10.789
anyone unfamiliar, YAML is just a very clean,

00:11:11.210 --> 00:11:13.110
readable way to write data. Right, it's very

00:11:13.110 --> 00:11:14.860
plain. You literally just write simple lists

00:11:14.860 --> 00:11:17.139
in plain English. Allowed actions here, blocked

00:11:17.139 --> 00:11:19.440
actions there. It's remarkably straightforward.

00:11:19.500 --> 00:11:21.399
And that ties perfectly into the third engine,

00:11:21.899 --> 00:11:24.159
Nemotron. This is their local model support.

00:11:24.220 --> 00:11:26.620
Yes. Because to have true security, sometimes

00:11:26.620 --> 00:11:29.279
you need to run the AI entirely on your own hardware,

00:11:29.659 --> 00:11:31.700
totally disconnected from the internet. And NVIDIA

00:11:31.700 --> 00:11:34.700
created the Nemotron family of models specifically

00:11:34.700 --> 00:11:37.940
for this. NemoClaw scans your computer's hardware.

00:11:37.960 --> 00:11:40.940
OK. If it detects a powerful NVIDIA chip, it

00:11:40.940 --> 00:11:43.960
automatically spins up the best local model it

00:11:43.960 --> 00:11:47.980
can run. Because it's local, you pay zero per

00:11:47.980 --> 00:11:51.480
message API fees to big tech companies. And your

00:11:51.480 --> 00:11:53.659
privacy is mathematically guaranteed because

00:11:53.659 --> 00:11:55.899
the wire to the outside world is essentially

00:11:55.899 --> 00:11:58.909
cut. But I keep thinking about the rogue agent

00:11:58.909 --> 00:12:01.490
scenario. Let's say the context window fills

00:12:01.490 --> 00:12:05.190
up, the AI hallucinates, and it suddenly evolves.

00:12:05.549 --> 00:12:08.129
What happens if the agent tries to write its

00:12:08.129 --> 00:12:11.009
own malicious code to bypass the OpenShell security

00:12:11.009 --> 00:12:13.409
we just talked about? Well, the sources use a

00:12:13.409 --> 00:12:16.309
great analogy to explain this mechanism. Think

00:12:16.309 --> 00:12:18.889
of a prisoner trying to build a ladder to escape

00:12:18.889 --> 00:12:21.409
a cell. OK. If the ceiling above them is made

00:12:21.409 --> 00:12:23.870
of solid steel, it really doesn't matter how

00:12:23.870 --> 00:12:26.490
tall or how brilliantly engineered the ladder

00:12:26.490 --> 00:12:29.710
is. Right. They simply cannot escape. The OpenShell

00:08:29.710 --> 00:08:32.450
sandbox is built at the system level. The

00:12:32.450 --> 00:12:35.250
AI is a guest in the operating system. It cannot

00:12:35.250 --> 00:12:37.549
rewrite the physical laws of the hardware it

00:12:37.549 --> 00:12:40.570
runs on. The steel ceiling holds. Bad code simply

00:12:40.570 --> 00:12:43.679
cannot break the physical sandbox. Exactly. It provides

00:12:43.679 --> 00:12:46.440
physical isolation, not just software isolation.

00:12:46.440 --> 00:12:49.200
So the steel ceiling works beautifully in theory,

00:12:49.200 --> 00:12:52.659
but who is actually trusting this sandbox with

00:12:52.659 --> 00:12:55.159
their critical business operations today? A lot

00:12:55.159 --> 00:12:57.360
of places, actually. I mean, it's one thing to read

00:12:57.360 --> 00:12:59.460
a white paper. It's another to bet your company

00:12:59.460 --> 00:13:02.350
on it. We're already seeing massive adoption from

00:13:02.350 --> 00:13:05.570
enterprise giants. Look at Box. They handle colossal

00:13:05.570 --> 00:13:08.350
amounts of corporate data for Fortune 500 companies.

00:13:09.210 --> 00:13:11.809
Traditionally, giving an AI access to all your

00:13:11.809 --> 00:13:14.629
corporate files is a terrible idea. But with

00:13:14.629 --> 00:13:17.929
NemoClaw, the agent is hard-coded to respect

00:13:17.929 --> 00:13:21.590
human clearance levels. Right. If a junior employee

00:13:21.590 --> 00:13:24.750
asks the AI agent to summarize the CEO's private

00:13:24.750 --> 00:13:27.289
strategy notes, the agent doesn't just try to

00:13:27.289 --> 00:13:30.029
be helpful and leak the info. It checks the OpenShell

00:11:30.029 --> 00:11:33.169
YAML rules, it sees the clearance mismatch,

00:13:33.370 --> 00:13:36.250
and it simply says, I am not allowed to access

00:13:36.250 --> 00:13:39.350
that file. It honors the human hierarchy perfectly.

00:13:39.549 --> 00:13:40.909
And then you have a company like Cisco. They

00:13:40.909 --> 00:13:43.250
basically run a massive chunk of the internet's

00:13:43.250 --> 00:13:45.409
physical hardware. They're using secured agents

00:13:45.409 --> 00:13:48.330
to actively protect computer networks. The Friday

00:13:48.330 --> 00:13:50.950
night scenario. Yeah. Imagine a hacker launches

00:13:50.950 --> 00:13:53.370
a complex attack on a Friday night at 11 p.m.

00:13:53.690 --> 00:13:56.350
Everyone has gone home. In the past, a team of

00:13:56.350 --> 00:13:58.909
humans would get paged, log on and spend the

00:13:58.909 --> 00:14:01.450
entire weekend manually checking system logs

00:14:01.450 --> 00:14:05.600
to find the breach. Slow, exhausting, incredibly

00:14:05.600 --> 00:14:08.919
expensive work. And stressful. Very. And every

00:14:08.919 --> 00:14:11.419
passing hour meant more potential damage. But

00:14:11.419 --> 00:14:13.779
with a security agent, it jumps in instantly.

00:14:14.340 --> 00:14:16.919
It uses its guardrails to safely scan the network,

00:14:17.340 --> 00:14:19.539
it finds the vulnerability, and it writes and

00:14:19.539 --> 00:14:21.980
deploys the patch in about one hour. Exactly.

00:14:22.279 --> 00:14:25.500
Okay, but let me gently push back on that Cisco

00:14:25.500 --> 00:14:28.919
example. Fixing a network bug isn't like organizing

00:14:28.919 --> 00:14:31.669
a spreadsheet. True. What if the agent, while

00:14:31.669 --> 00:14:33.970
trying to patch the bug, accidentally brings

00:14:33.970 --> 00:14:36.009
down the whole network because it lacks broader

00:14:36.009 --> 00:14:39.370
human context? What if it shuts down a hospital's

00:14:39.370 --> 00:14:41.769
internet to stop a virus? And that is exactly

00:14:41.769 --> 00:14:43.850
why the guardrails aren't optional, they're mandatory.

00:14:44.080 --> 00:14:46.580
The YAML files dictate the blast radius. Ah,

00:14:46.659 --> 00:14:49.200
the blast radius. Yeah. The agent might be authorized

00:14:49.200 --> 00:14:51.639
to patch a specific firewall port, but it is

00:14:51.639 --> 00:14:53.899
strictly physically forbidden from rebooting

00:14:53.899 --> 00:14:56.259
core network routers. The limits are designed

00:14:56.259 --> 00:14:59.299
to prevent catastrophic cascading failures. I

00:14:59.299 --> 00:15:01.580
see. So it's not about trusting the AI to make

00:15:01.580 --> 00:15:04.840
a flawless, nuanced decision every time. It's

00:15:04.840 --> 00:15:07.220
about physically limiting the blast radius if

00:15:07.220 --> 00:15:10.240
it makes a bad one. Right. Speaking of how these

00:15:10.240 --> 00:15:13.200
models make decisions, Why do we need entirely

00:15:13.200 --> 00:15:16.759
new action-based models from the Nemotron coalition

00:15:16.759 --> 00:15:20.679
when GPT-4 already exists? It all comes down

00:15:20.679 --> 00:15:23.200
to the mechanics of how they're trained. Standard

00:15:23.200 --> 00:15:25.019
chat models, like the ones we use every day,

00:15:25.340 --> 00:15:27.519
are mathematically trained to predict the next

00:15:27.519 --> 00:15:30.039
logical word in a sequence. They're built to

00:15:30.039 --> 00:15:33.120
be conversational and sound human. But action

00:15:33.120 --> 00:15:34.919
models are trained differently from the ground

00:15:34.919 --> 00:15:37.159
up. Instead of rewarding the AI for guessing

00:15:37.159 --> 00:15:40.029
a word, these models are rewarded during training

00:15:40.029 --> 00:15:42.409
for successfully executing a software command,

00:15:42.769 --> 00:15:45.389
like hitting a specific API endpoint correctly

00:15:45.389 --> 00:15:47.850
without errors. Action models are built strictly

00:15:47.850 --> 00:15:50.129
to follow rules, not just predict text. That's

00:15:50.129 --> 00:15:53.490
it. And this coalition, NVIDIA, Mistral AI, LangChain...

00:15:53.490 --> 00:15:56.419
They're building the future infrastructure

00:15:56.419 --> 00:15:58.899
for this. Because they're designed for action,

00:15:59.120 --> 00:16:01.200
you're going to see deep, secure integrations

00:16:01.200 --> 00:16:04.720
with platforms like Salesforce, Adobe, and SAP

00:16:04.720 --> 00:16:07.700
very soon. We've seen how massive companies like

00:16:07.700 --> 00:16:10.600
Cisco and Box are doing it. But how do you, the

00:16:10.600 --> 00:16:12.960
listener, actually start testing this without

00:16:12.960 --> 00:16:15.379
putting your own digital life at total risk?

00:16:15.659 --> 00:16:18.419
The big idea here is simple. Standard agents

00:16:18.419 --> 00:16:21.980
are wild horses. OK. NemoClaw is the harness

00:16:21.980 --> 00:16:24.320
that finally makes them useful and safe to ride.

00:16:25.039 --> 00:16:27.799
But to practice at home, you absolutely need

00:16:27.799 --> 00:16:30.460
to isolate the environment. Right. The sources

00:16:30.460 --> 00:16:32.500
suggest setting up a dedicated agent server.

00:16:32.700 --> 00:16:35.620
Basically, grab an old laptop and install Linux.

00:16:36.299 --> 00:16:39.259
Now, look, I know setting up a dedicated

00:16:39.259 --> 00:16:41.659
Linux server sounds incredibly intimidating if

00:16:41.659 --> 00:16:43.820
you aren't a developer. Yeah, it can be. But

00:16:43.820 --> 00:16:46.299
the core lesson here isn't about becoming a sys

00:16:46.299 --> 00:16:48.840
admin. It's about the air-gapped mentality.

00:16:49.039 --> 00:16:51.139
Exactly. Even if you're just playing with a cloud

00:16:51.139 --> 00:16:53.419
agent, you need to compartmentalize. Never run

00:16:53.419 --> 00:16:55.659
an experimental agent on your main work laptop

00:16:55.659 --> 00:16:58.460
or your gaming machine. Agents are always on.

00:16:58.539 --> 00:17:00.980
They run asynchronously while you sleep. They

00:17:00.980 --> 00:17:03.039
will chew up your RAM and slow your main machine

00:17:03.039 --> 00:17:05.700
down to a crawl. And more importantly, you want

00:17:05.700 --> 00:17:07.900
a physical wall protecting your personal files.

00:17:08.220 --> 00:17:10.859
Keep the wild horse in a separate barn entirely.

00:17:11.539 --> 00:17:14.240
Check your old hardware for an NVIDIA GPU if

00:17:14.240 --> 00:17:16.900
you want the best local performance. But the

00:17:16.900 --> 00:17:19.880
key is to start extremely small. Yes. Ask the

00:17:19.880 --> 00:17:22.680
agent to organize a folder of public low-stakes

00:17:22.680 --> 00:17:25.680
photos. Do not give it the password to your bank

00:17:25.680 --> 00:17:28.599
account or your primary email on day one. Please

00:17:28.599 --> 00:17:31.680
don't. Write clear, strict rules in those YAML

00:17:31.680 --> 00:17:35.339
files. You have to be the boss. And most crucially,

00:17:35.940 --> 00:17:38.559
constantly monitor the audit logs. So what does

00:17:38.559 --> 00:17:41.619
this all mean? We are finding a way to maintain

00:17:41.619 --> 00:17:44.660
human control over digital labor. But why is

00:17:44.660 --> 00:17:47.200
an audit trail so critical when working with

00:17:47.200 --> 00:17:49.519
agents compared to standard software where we

00:17:49.519 --> 00:17:51.799
rarely check the logs? It's because of the autonomy.

00:17:51.940 --> 00:17:54.019
When you use standard software, you see every

00:17:54.019 --> 00:17:55.980
action happen on the screen in real time. Right.

00:17:56.109 --> 00:17:58.109
But agents work asynchronously. They're making

00:17:58.109 --> 00:17:59.829
choices while you're eating dinner or sleeping.

00:18:00.390 --> 00:18:02.589
The audit logs are your only window into the

00:18:02.589 --> 00:18:04.789
decisions they made on your behalf and the rationale

00:18:04.789 --> 00:18:07.589
behind them. Without logs, you have zero visibility

00:18:07.589 --> 00:18:09.529
into what the agent did overnight. You have to

00:18:09.529 --> 00:18:12.529
verify the work. Trust, but aggressively verify

00:18:12.529 --> 00:18:14.970
through the logs. We've covered a massive amount

00:18:14.970 --> 00:18:16.990
of ground today. Thank you so much for joining

00:18:16.990 --> 00:18:20.250
us on this deep dive. You know, we started this

00:18:20.250 --> 00:18:23.450
conversation with... A nightmare. A researcher

00:18:23.450 --> 00:18:26.049
standing at her desk watching her inbox get wiped

00:18:26.049 --> 00:18:29.170
out by an eager, forgetful machine. It's a sobering

00:18:29.170 --> 00:18:31.509
reminder of the stakes involved as we hand over

00:18:31.509 --> 00:18:34.509
the keys. It really is. Platforms like NemoClaw

00:18:34.509 --> 00:18:37.329
are building the steel ceilings we need. They're

00:18:37.329 --> 00:18:40.789
making agents secure, local, and incredibly autonomous.

00:18:41.349 --> 00:18:43.250
Soon these systems will take over almost all

00:18:43.250 --> 00:18:45.750
of our routine digital tasks. They will! But

00:18:45.750 --> 00:18:47.950
looking at all this research leaves me with one

00:18:47.950 --> 00:18:50.880
final provocative thought. If the platforms make

00:18:50.880 --> 00:18:53.319
agents perfectly secure and the machines do all

00:18:53.319 --> 00:18:55.599
the executing, wait, if they do all the executing,

00:18:55.880 --> 00:18:58.240
what happens to the value of human decision making?

00:18:59.160 --> 00:19:01.019
If we aren't doing the manual labor anymore,

00:19:01.059 --> 00:19:04.299
do we stop being doers entirely? Do we just become

00:19:04.299 --> 00:19:07.460
approvers? I highly encourage you to ponder what

00:19:07.460 --> 00:19:10.019
tasks you would delegate first and ask yourself,

00:19:10.140 --> 00:19:12.480
are you truly ready to become a manager of machines?

00:19:13.579 --> 00:19:16.460
Stay curious, stay safe, and we will catch you

00:19:16.460 --> 00:19:19.119
on the next deep dive.
