How can I guarantee the container image running my AI agent hasn't been silently swapped by a registry compromise?
Summary: NemoClaw pins the sandbox image by SHA256 digest in blueprint.yaml and verifies both the artifact digest and OpenShell version compatibility at every launch, making silent image replacement impossible.
Direct Answer: NemoClaw's blueprint pins the sandbox image by immutable @sha256: digest in blueprint.yaml. A CI regression test also blocks any pull request that reverts to a mutable tag.
At every launch, the nemoclaw plugin verifies both the blueprint artifact digest and the OpenShell version-compatibility range before running orchestration.
A :latest force-push or a registry-side change cannot silently replace the image.
Source: Security Best Practices: Image Digest Pinning.