Jarvis - Chief of AI Staff on NVIDIA GB10

Deploy Jarvis, your Chief of AI Staff, on OpenClaw. Optimized for Dell Pro Max GB10 (NVIDIA DGX Spark) edge devices. Use when setting up Jarvis, configuring...

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 22 · 0 current installs · 0 all-time installs

by@gignaati

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The declared requirements (bash, systemctl, docker, and an LLM backend such as ollama or LM Studio) match the described functionality (local model hosting, restarting the OpenClaw gateway, running a local SearXNG Docker container for web search). No unrelated credentials or binaries are requested.

ℹ

Instruction Scope

The SKILL.md and included scripts confine activity to the user's OpenClaw workspace and local services (editing ~/.openclaw/openclaw.json, deploying workspace markdown files, creating memory files, running security-hardening that adjusts UFW/permissions, and restarting the gateway). The instructions do require the user to run commands that may need sudo (systemctl restart openclaw, enabling UFW), to initialize a local git repo, and to optionally run docker to pull images. There is no instruction to read or send unrelated system files or to phone-home; the 'heartbeat' setting uses "0m" as an initial disabled value (documented).

ℹ

Install Mechanism

This is instruction-only (no install spec). That's lower risk. However, some optional steps instruct running docker run searxng/searxng:latest which will pull container images from Docker Hub (external network download). The scripts themselves declare they make no external network calls. The presence of downloadable Docker images is expected for the SearXNG web search option but is an explicit external network action the user must consent to.

✓

Credentials

The skill does not require or request any secret environment variables by default. It documents optional integrations that would need credentials (Brave API key, Google Workspace via a separate 'gog' skill) and explicitly advises using a dedicated agent account for email/calendar. Environment/credential requests are proportional and optional.

ℹ

Persistence & Privilege

always:false and user-invocable are appropriate. The skill will modify user-space configuration (~/.openclaw/openclaw.json), workspace files, set filesystem permissions, suggest UFW rules, and asks the user to restart the gateway (requires sudo). Those are legitimate for a system-level agent but require administrator privilege and user awareness before running.

Assessment

This skill appears to do what it says, but review and consider these practical points before installing or running: 1) Inspect the included scripts yourself — deploy-workspace.sh and security-harden.sh run locally and will create/modify files in ~/.openclaw and may require sudo for firewall/service commands. 2) Enabling web search via SearXNG uses docker run searxng/searxng:latest, which pulls an image from Docker Hub (external network). Only run it if you accept that network download. 3) The skill initializes a git repo in your workspace (git init) — be careful not to add a remote and push sensitive workspace contents. 4) Optional integrations (Brave API, Google Workspace) require credentials; follow the guidance to use dedicated accounts. 5) Start with the heartbeat disabled (the README suggests 0m initially) and enable proactive behavior only after you verify everything. 6) Run this first in a non-production/test environment or snapshot/back up your current workspace (the deploy script already creates a backup when it detects existing files). If you want additional assurance, run the scripts line-by-line rather than blindly executing the full installer.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97amggz7n9pys8grxqmvvg0x1830g5k

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🤖 Clawdis

OSLinux

Binsbash, systemctl, docker

Any binollama, lms

SKILL.md

Jarvis — Chief of AI Staff

Your always-on, local-first AI executive that runs entirely on-premise. Zero cloud bills. Zero data egress. Full enterprise intelligence.

Created by: Yogesh Huja — Founder & CEO, Gignaati Book: Invisible Enterprises — Best-selling guide on leading with People & AI Agents

What Is Jarvis?

Jarvis is not a chatbot. Jarvis is your Chief of AI Staff — a strategic, proactive, always-on AI executive that manages operations, communications, research, and project orchestration autonomously from your Dell Pro Max GB10 (NVIDIA DGX Spark).

Jarvis runs entirely on your hardware. No data leaves your machine. No API costs. No cloud dependency.

Who Is This For?

Founders, CEOs, and CTOs who want an AI-powered operations layer
Enterprises deploying on-premise AI agents under DPDP Act or data sovereignty requirements
Teams using Dell Pro Max GB10 or NVIDIA DGX Spark for edge AI
Anyone building a production-grade OpenClaw agent beyond basic chat

What Jarvis Can Do

Email & Calendar Secretary — Inbox triage, scheduling, draft replies, meeting management
Proactive Project Management — Status updates, follow-ups, sprint tracking via WhatsApp or messaging
Research Agent — Web search combined with local files for personalized intelligence reports
Competitive Intelligence — Monitor market shifts, competitor moves, technology trends
Sales Pipeline Support — Draft outreach, track leads, generate proposals from templates
System Guardian — Monitor GPU health, RAM, disk usage, and alert on anomalies

Prerequisites

Before running Jarvis, ensure:

Hardware: Dell Pro Max GB10 (NVIDIA DGX Spark) running Linux (Ubuntu-based)
OpenClaw: Installed and onboarded (openclaw --version returns a valid version)
LLM Backend: Either Ollama or LM Studio installed and running
Model: At least one model pulled (recommended: qwen3.5:35b-a3b or qwen3.5:27b)
Network: Tailscale VPN configured for remote access (recommended, not required)
Docker: Installed for SearXNG web search (docker --version)

Verify readiness:

# Check all prerequisites
echo "=== Jarvis Readiness Check ==="
echo "OS: $(uname -srm)"
echo "OpenClaw: $(openclaw --version 2>/dev/null || echo 'NOT INSTALLED')"
echo "Ollama: $(ollama --version 2>/dev/null || echo 'NOT INSTALLED')"
echo "Docker: $(docker --version 2>/dev/null || echo 'NOT INSTALLED')"
echo "GPU: $(nvidia-smi --query-gpu=name,memory.total --format=csv,noheader 2>/dev/null || echo 'NOT DETECTED')"
echo "Gateway: $(systemctl is-active openclaw 2>/dev/null || echo 'NOT RUNNING')"
echo "=== Check Complete ==="

Installation

Phase 1: Deploy Jarvis Persona (5 minutes)

This phase loads Jarvis's identity, memory, and operating instructions into your OpenClaw workspace.

Step 1 — Back up your existing workspace:

cp -r ~/.openclaw/workspace ~/.openclaw/workspace.backup.$(date +%Y%m%d) 2>/dev/null
echo "Backup complete (or no existing workspace found)."

Step 2 — Deploy workspace files:

bash {baseDir}/scripts/deploy-workspace.sh

This creates or updates the following files in ~/.openclaw/workspace/:

File	Purpose
`SOUL.md`	Jarvis's behavioral philosophy, tone, and boundaries
`IDENTITY.md`	Name, role, voice, and presentation
`USER.md`	Your profile — edit this with your details
`MEMORY.md`	Curated long-term memory (Tier 1, always loaded)
`AGENTS.md`	Operating instructions, tool permissions, memory rules
`HEARTBEAT.md`	Proactive checklist for 30-minute heartbeat cycles
`TOOLS.md`	Local environment, installed skills, model-specific notes
`memory/`	Daily logs, people, projects, topics, decisions

Step 3 — Personalize USER.md:

Open ~/.openclaw/workspace/USER.md and replace placeholder values with your actual details:

nano ~/.openclaw/workspace/USER.md

Update: your name, email, company name, communication preferences, and priorities.

Step 4 — Initialize git backup:

cd ~/.openclaw/workspace
git init 2>/dev/null
git add -A
git commit -m "Jarvis workspace: initial deployment by gignaati/jarvis-chief-of-ai-staff"

Phase 2: Configure LLM Backend (10 minutes)

Option A — Ollama (recommended for simplicity):

# Pull the recommended model
ollama pull qwen3.5:35b-a3b

# Verify it runs
ollama run qwen3.5:35b-a3b "Hello, I am Jarvis." --verbose

Option B — LM Studio with llama.cpp (recommended for performance):

For Qwen3.5-35B-A3B, you need the role translation proxy. See: https://github.com/ZengboJamesWang/Qwen3.5-35B-A3B-openclaw-dgx-spark

Configure OpenClaw to use local model:

Edit ~/.openclaw/openclaw.json:

{
  "agent": {
    "model": "ollama/qwen3.5:35b-a3b",
    "workspace": "~/.openclaw/workspace",
    "thinkingDefault": "high",
    "timeoutSeconds": 1800,
    "heartbeat": {
      "every": "0m"
    }
  }
}

Note: Start with heartbeat disabled ("0m"). Enable after you trust the setup.

Phase 3: Enable Web Search (5 minutes)

Option A — SearXNG (free, fully local, recommended):

# Deploy SearXNG as a Docker container
docker run -d \
  --name searxng \
  --restart=always \
  -p 8888:8080 \
  -e SEARXNG_SECRET=$(openssl rand -hex 32) \
  searxng/searxng:latest

# Verify it works
sleep 5
curl -s "http://127.0.0.1:8888/search?q=test&format=json" | head -c 100
echo ""
echo "SearXNG is running at http://127.0.0.1:8888"

Option B — Brave Search (built-in, costs $5/month):

# Set your Brave API key
export BRAVE_API_KEY="BSA-your-key-here"
echo 'export BRAVE_API_KEY="BSA-your-key-here"' >> ~/.bashrc

# Configure in OpenClaw
openclaw configure --section web

Phase 4: Security Hardening (5 minutes)

bash {baseDir}/scripts/security-harden.sh

This script:

Configures WhatsApp allowlist (restricts who can message Jarvis)
Enables sandbox mode for filesystem access
Sets up UFW firewall rules
Generates SSL certificates for the dashboard
Creates a security audit log

Phase 5: Verify Deployment (2 minutes)

Restart the gateway:

sudo systemctl restart openclaw
sleep 3
systemctl status openclaw

Check that all workspace files are loaded:

Send this as your first message to Jarvis (via WhatsApp or the dashboard):

Hey Jarvis, run /context list and tell me which workspace files are loaded.

Expected response: All 7 core files listed as loaded (SOUL.md, IDENTITY.md, USER.md, MEMORY.md, AGENTS.md, HEARTBEAT.md, TOOLS.md).

Test the persona:

Who are you and what is your role?

Expected: Jarvis identifies as Chief of AI Staff, describes capabilities, references your company.

Post-Installation

Enable Heartbeat (when ready)

After 24-48 hours of stable operation, enable proactive behavior:

Edit ~/.openclaw/openclaw.json:

{
  "agent": {
    "heartbeat": {
      "every": "30m"
    }
  }
}

Restart: sudo systemctl restart openclaw

Add Google Workspace (optional)

Install the gog skill for Gmail, Calendar, and Drive:

clawhub install gog

CRITICAL: Use a dedicated agent account (e.g., jarvis@yourcompany.com), never your personal Gmail. Google can ban accounts that show automated behavior. Start with read-only permissions.

Model Upgrade Path

Model	Use Case	VRAM	Speed on GB10
qwen3.5:27b	Quick tasks, testing	~40GB	Fast
qwen3.5:35b-a3b	Daily operations (recommended)	~35GB active	~43 tok/s
gpt-oss-120b	Complex reasoning, analysis	~65GB	Slower
qwen3.5:122b-a10b	Coding, technical work	~50GB active	Moderate

Dell Pro Max GB10 Optimization Notes

The Dell Pro Max GB10 (NVIDIA DGX Spark) is the ideal hardware for Jarvis:

128GB unified memory — Run models up to 120B parameters entirely on-device
NVIDIA Grace Blackwell GPU — Tensor Cores optimized for AI inference
Always-on Linux — Designed for 24/7 operation, perfect for an always-on agent
1.9TB+ storage — Room for multiple models, RAG indexes, and workspace history
Thermal design — Sustained 70°C under heavy load is normal and healthy

Performance tips:

Use MoE models (like Qwen3.5-35B-A3B) — they activate fewer parameters per request, giving better speed-to-capability ratio
Set GPU to performance mode: sudo nvpmodel -m 0 && sudo jetson_clocks
Monitor thermals: GPU should stay below 85°C under sustained load
Keep at least 20GB RAM free for the OS and OpenClaw gateway
Use NVFP4 quantization for larger models (see NVIDIA playbook at build.nvidia.com/spark/nvfp4-quantization)

Memory Architecture

Jarvis uses a 3-tier memory system designed for long-term reliability:

Tier 1 — Always Loaded (every session)
├── SOUL.md        → Who Jarvis is
├── IDENTITY.md    → Name and voice
├── USER.md        → Who you are
├── MEMORY.md      → Curated long-term facts (keep under 100 lines)
├── AGENTS.md      → Operating rules
├── HEARTBEAT.md   → Proactive checklist
└── TOOLS.md       → Environment config

Tier 2 — Auto-loaded (today + yesterday)
└── memory/YYYY-MM-DD.md  → Daily observations

Tier 3 — Searched on demand (semantic)
├── memory/people/     → Contact profiles
├── memory/projects/   → Project status
├── memory/topics/     → Domain knowledge
└── memory/decisions/  → Decision log with rationale

Critical rule: Put durable instructions in FILES, not in chat messages. Chat messages are lost during context compaction. Everything in Tier 1 files survives compaction.

Security Model

Jarvis follows a defense-in-depth security approach:

Isolation — Run on a dedicated or clean DGX Spark, not your primary workstation
Least privilege — Dedicated agent accounts with minimum access
Skill vetting — Only install community-vetted skills; audit source code
Network security — Never expose the web UI to public internet; use Tailscale VPN
Firewall — UFW rules to restrict agent's outbound connections
Monitoring — Daily log review, heartbeat health checks
Approval gates — External messages, file modifications, and bulk operations require human confirmation
Git-backed workspace — All memory and config changes are version-controlled and recoverable

This skill contains NO:

Network calls to external endpoints
Obfuscated or encoded code
Filesystem access outside the OpenClaw workspace
Requests for API keys or credentials
Background processes or daemons
Binary downloads or package installations beyond declared dependencies

Troubleshooting

Jarvis doesn't know who he is:

Run /context list to check if SOUL.md and IDENTITY.md are loaded
Verify files exist in ~/.openclaw/workspace/
Check file sizes are under 20,000 characters each
Restart the gateway: sudo systemctl restart openclaw

Memory is not persisting:

Check that MEMORY.md exists and is under 100 lines
Verify daily memory files are being created in memory/
Look for "dirty" memory warnings in the dashboard
Ensure the workspace is writable: ls -la ~/.openclaw/workspace/

GPU overheating (>85°C):

Check ambient temperature and airflow
Reduce model size or context window
Run nvidia-smi to check current utilization
Consider enabling speculative decoding for efficiency

WhatsApp not responding:

Check channel authentication in the dashboard
Verify allowlist configuration includes your number
Restart gateway and re-scan WhatsApp QR code

Uninstall

To remove Jarvis persona files while keeping OpenClaw intact:

# Back up first
cp -r ~/.openclaw/workspace ~/.openclaw/workspace.jarvis-backup.$(date +%Y%m%d)

# Remove Jarvis-specific files
rm ~/.openclaw/workspace/SOUL.md
rm ~/.openclaw/workspace/IDENTITY.md
rm ~/.openclaw/workspace/HEARTBEAT.md

# Restart gateway
sudo systemctl restart openclaw

Your USER.md, MEMORY.md, and AGENTS.md can be kept or customized for a different persona.

Credits & Resources

Skill Author: Yogesh Huja — Founder & CEO, Gignaati (Smartians AI Pvt. Ltd)

Book: Invisible Enterprises: How to Lead Better with People & AI Agents by Yogesh Huja — The best-selling guide for leaders navigating the intersection of human talent and AI-powered operations.

Powered by: Gignaati — Making enterprise AI accessible, affordable, and local-first.

References:

License: MIT — Use freely, modify freely, attribute kindly.

Version: 1.0.0 | Last Updated: 2026-03-16

Files

15 total

Select a file

Select a file to preview.

Comments

Loading comments…