Agentic Stack

When I watched Jensen Huang’s NemoClaw / OpenClaw segment, it felt less like another keynote and more like someone quietly redefining the stack I build on every day. As a software and product engineer, this talk crystallized three big things for me: agents are becoming an operating system, SaaS is on a collision course with “GaaS” (Gent as a Service), and security/policy will be as fundamental as HTTP once was.

1. OpenClaw as the “OS of Agents”

The moment Jensen described OpenClaw as “essentially the operating system of agentic computers,” it clicked. OpenClaw isn’t just a framework; it’s an execution environment that:

• Manages resources: tools, file systems, large language models.
• Orchestrates workflows: decomposes prompts into stepwise tasks, schedules work, spawns sub-agents, runs cron-like jobs.
• Handles I/O: multimodal interaction (text, gestures, messages, email, etc.).

In other words, the primitives I used to design as bespoke “agent orchestration layers” inside each product are being standardized into an ecosystem-level OS.

From a software engineer’s point of view, this has several implications:

• I should design agents like processes, not features: they have lifecycles, capabilities, permissions, and IPC-like communication with other agents.
• “Prompt” is no longer a UI-level concern; it becomes an input spec that the OS (OpenClaw) decomposes and executes across tools and models.
• The boundary between backend and “agent runtime” is going to blur: business logic will be partly code, partly policy, partly model behavior.

As a product engineer, the more interesting shift is conceptual: we’re moving from “user uses a tool” to “user hires an agent.” Tools are implementation details; the user thinks in terms of delegating outcomes.

Example mental model

Until now:

• “I built a service that pulls data from X, runs Y pipeline, pushes to Z.”

In an OpenClaw world:

• “I define an agent that has access to tool X, Y, Z, plus a model, plus a schedule, plus communication channels. The OS figures out decomposition, retries, tool chaining.”

That’s not hype; it’s a re-frame of how I structure systems.

2. From SaaS to GaaS: Agents as Products

Jensen’s framing that “every SaaS company will become a GaaS company – Gent as a Service” was blunt and accurate. Traditional enterprise IT is tools + data centers; post-agentic IT is agents on top of those tools and data.

He essentially laid out this contrast:

As an engineer, this shifts what “shipping a product” means. Instead of building one more UI around an API, I should be asking:

• What is the agent my customer actually needs?
• What tools and data should that agent control?
• What guardrails and policies define “correct” behavior in their domain?

As a product engineer, this also changes pricing and UX:

• Pricing moves from “per seat” and “per feature” to “per token” and “per agent capability bundle.” Jensen even alluded to giving engineers token budgets as a default part of comp.
• Onboarding isn’t “learn to use our tool”; it’s “define what outcomes you want, configure or fine-tune the agent to your org, and connect your policy engine.”

This turns products into programmable colleagues rather than apps.

3. Security, Policy Engines, and the Reality Check

The most grounded part of the talk was the security reality: agentic systems in a corporate network can simultaneously:

• Access sensitive internal data (employees, finance, supply chain).
• Execute code.
• Communicate externally.

As Jensen said, saying those three capabilities out loud makes it clear why naive deployments are a non-starter. That’s where NVIDIA’s Open Shell and NemoClaw reference stack comes in.

They positioned NemoClaw as:

• A reference design that makes OpenClaw enterprise-ready with security and privacy by design.
• Integrated with policy engines from SaaS providers so orgs can enforce access, privacy, and guardrails.
• Equipped with guardrails and a privacy router to control what agents can do, where they can run, and what they can exfiltrate.

From an engineering perspective:

• “Policy” becomes a first-class artifact: not an afterthought config, but a core part of how the agent OS interprets what’s allowed.
• The agent runtime must be auditable: logs, traces, and “why did you do this” explanations are going to matter as much as latency.
• We’ll need test harnesses for agents that simulate policy boundaries, misconfigurations, and adversarial prompts.

From a product perspective:

• The job-to-be-done is: “Give me the productivity of agents with the compliance posture of my current stack.” NemoClaw is essentially being offered as a template for that.
• “Secure agent platform” is going to be a buying category on its own, not just a checkbox on a model API.

4. Open Models as a First-Class Input to Agents

Another big piece of the talk was NVIDIA’s open model initiative. They emphasized that no single model can serve every industry; instead, they’re building families of open models across domains:

• Neotron: reasoning models for language, visual understanding, RAG, safety, speech.
• Cosmos: frontier models for physical world generation and understanding.
• Groot: general-purpose robotics.
• Alpamo: autonomous vehicle intelligence.
• Bioneo: biology, chemistry, molecular design.
• Earth 2: AI physics for weather and climate.

All of these are intended to plug into agent systems like OpenClaw, and NVIDIA stressed two things:

• They want to stay at the frontier (leaderboard-topping models) and keep iterating (Neotron 3 → Neotron 4, Cosmos 1 → Cosmos 2, etc.).
• They explicitly want these as base models that countries and companies can customize into sovereign and domain-specific AI.

As an engineer, that means:

• Model choice becomes part of system design, not a backend afterthought. The right agent stack needs a model that matches the domain: biology vs. robotics vs. language vs. physics.
• Fine-tuning and post-training become product features: “Bring your own data, get your own specialist agent.”

As a product engineer, it means I can design offerings like:

• “Your sovereign customer support agent, powered by a fine-tuned Neotron base, with your own policies and logs.”
• “Your lab automation agent, built on Bioneo models and connected to your instruments and ELN.”

The fact that NVIDIA is investing billions into infrastructure and open models – and partnering with companies like LangChain, Mistral, Cursor, Perplexity, and others via the Neotron coalition – suggests this is not a short-lived experiment but a new layer in the AI stack.

5. What This Changes for How I Build

After this talk, here’s how I expect my own practice to evolve over the next few years.

As a software engineer:

• I’ll treat agents as programmable workers: versioned, tested, monitored, and governed like microservices, but with a richer behavioral surface.
• My “architecture diagrams” will include agents, tools, models, and policies as first-class nodes, not just services and queues.
• I’ll rely more on standardized frameworks like OpenClaw instead of building bespoke orchestration and tool-calling layers each time.

As a product engineer:

• I’ll start with “What agent are we giving the user?” rather than “What features are we giving the user?”
• Pricing and packaging will be built around usage (tokens), capabilities (what the agent is allowed to do), and risk (which policies apply), rather than just seat counts.
• I’ll treat “policy and compliance UX” as part of the core product: who can configure the agent, what it can see, what it can export, and how its decisions are explained.

And as someone thinking about the future of work:

• Jensen’s comment about engineers having a token budget that might be half their salary is radical but plausible in a world where agents multiply individual output by an order of magnitude.
• Companies will compete on the quality of their internal agent ecosystems just like they currently compete on internal tooling and platform engineering.

In short, this speech made one thing very clear: agents are not a feature bolted onto existing apps. They’re a new computing substrate, and OpenClaw + NemoClaw is an early blueprint for what the “agent OS + secure enterprise runtime + open domain models” stack will look like.

As a builder, I’m now planning features, architectures, and even business models with that future in mind.