fix(install): detect and remove broken npm placeholder package #1606

Merged
miyoungc merged 1 commit into NVIDIA:main from Dongni-Yang:fix/remove-bare-npm-install-506
Apr 9, 2026

Conversation

@Dongni-Yang (Contributor) commented Apr 8, 2026

Summary

  • Remove bare npm install -g nemoclaw from docs — it points to a broken 249-byte placeholder on npmjs.org that only contains package.json
  • Add is_real_nemoclaw_cli() behavioural validation to verify_nemoclaw() — runs nemoclaw --version and verifies the output matches nemoclaw v<semver> (mirrors the isOpenshellCLI() pattern from PR #970, "fix: validate openshell binary to prevent npm package shadowing")
  • Update verify_nemoclaw() to validate every candidate binary before accepting it, and auto-uninstall if the binary fails the check

Supersedes #761 (docs-only fix, now stale with merge conflicts).

Fixes #506
Relates to #737, #967

Test plan

Updated all existing fake nemoclaw stubs to output nemoclaw v<version> format so they pass is_real_nemoclaw_cli(). The existing test "prints the HTTPS GitHub remediation when the binary is missing" still asserts that bare npm install -g nemoclaw never appears in output.

Signed-off-by: Dongni Yang [email protected]

Summary by CodeRabbit

  • Documentation

    • Updated CLI installation docs to show the shell-script installer (curl ... | bash) as the recommended method instead of npm global install.
  • Bug Fixes

    • Improved installer checks to verify the CLI binary is genuine and functional.
    • Added clearer recovery steps and warnings for broken or missing installations to reduce installation failures.
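The validation-then-cleanup flow the description outlines, as an added stand-alone example (not NemoClaw's scripts/install.sh): an anchored semver check, the `--version` probe of a candidate binary, and the `npm uninstall -g nemoclaw` remediation, exercised against constructed fake shims and a fake npm so it runs offline. The exact regex, the optional `npm_cmd` argument and the `write_fake_*` helpers are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not code from NemoClaw's scripts/install.sh: a stand-alone
# model of the PR's behavioural check (is_real_nemoclaw_cli) and placeholder
# cleanup (remove_broken_nemoclaw). Function names follow the PR; the regex,
# the npm_cmd parameter and the fake shims are assumptions made here.

# Anchored semver pattern: "nemoclaw vMAJOR.MINOR.PATCH" plus optional
# -prerelease / +build suffixes. Anchoring both ends is what rejects output
# such as "nemoclaw v1 broken" or "nemoclaw v1.0" from a placeholder or a
# shadowing package.
NEMOCLAW_VERSION_RE='^nemoclaw v[0-9]+\.[0-9]+\.[0-9]+(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$'

# Pure string check, so the regex can be tested without spawning anything.
matches_nemoclaw_version() {
  [[ "$1" =~ $NEMOCLAW_VERSION_RE ]]
}

# Probe the candidate with --version and accept it only if the output matches.
# The path is double-quoted and never passed through eval; stderr is silenced
# so noise from a broken placeholder is not shown to the user.
is_real_nemoclaw_cli() {
  local bin_path="$1" output
  [[ -x "$bin_path" ]] || return 1
  output="$("$bin_path" --version 2>/dev/null)" || return 1
  matches_nemoclaw_version "$output"
}

# Cleanup modelled on the PR: if $npm_prefix/bin/nemoclaw exists but is not a
# working CLI, uninstall the global package. Every no-op path returns 0 (the
# review noted that returning 1 there aborts callers under set -e); only a
# failed uninstall propagates non-zero. npm_cmd defaults to npm and can be
# overridden so the example can run against a fake npm.
remove_broken_nemoclaw() {
  local npm_prefix="$1" npm_cmd="${2:-npm}"
  local nemoclaw_bin="$npm_prefix/bin/nemoclaw"
  [[ -e "$nemoclaw_bin" ]] || return 0            # nothing installed: no-op
  if is_real_nemoclaw_cli "$nemoclaw_bin"; then   # genuine CLI: keep it
    return 0
  fi
  echo "warn: $nemoclaw_bin is not a working nemoclaw CLI; removing the npm package" >&2
  "$npm_cmd" uninstall -g nemoclaw                # fixed argv, no interpolation
}

# --- constructed test doubles (not real binaries) ---------------------------

# Write an executable that answers --version with the given string.
write_fake_cli() {
  printf '#!/usr/bin/env bash\n[ "$1" = "--version" ] && echo "%s"\nexit 0\n' "$2" > "$1"
  chmod +x "$1"
}

# Write a fake npm that appends its argv to a log file instead of touching the system.
write_fake_npm() {
  printf '#!/usr/bin/env bash\necho "$*" >> "%s"\n' "$2" > "$1"
  chmod +x "$1"
}

# Demo: a placeholder that only half-answers --version is detected and removed.
demo() {
  local tmp
  tmp="$(mktemp -d)"
  mkdir -p "$tmp/prefix/bin"
  write_fake_cli "$tmp/prefix/bin/nemoclaw" "nemoclaw v1 broken"
  write_fake_npm "$tmp/npm" "$tmp/npm.log"
  remove_broken_nemoclaw "$tmp/prefix" "$tmp/npm"
  echo "fake npm received: $(cat "$tmp/npm.log")"
  rm -rf "$tmp"
}

if [[ "${BASH_SOURCE[0]}" == "$0" ]]; then
  demo
fi
```

Swap the constructed shim for a real `$npm_prefix/bin/nemoclaw` path to see the same check against an actual install; the fake npm only records what would have been run.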

@coderabbitai bot (Contributor) commented Apr 8, 2026

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.


Walkthrough

Installer now validates discovered nemoclaw binaries by running --version, uninstalls broken global npm installs, and sets a recovery export path when appropriate. Documentation removed the npm install -g nemoclaw install recommendation. Tests updated to cover detection, validation, and uninstall flows.

Changes

Cohort / File(s): Summary

Documentation (.agents/skills/nemoclaw-reference/references/commands.md, docs/reference/commands.md):
  Replaced guidance that nemoclaw is installed via npm install -g nemoclaw with instruction that the CLI is installed by the installer (`curl -fsSL https://www.nvidia.com/nemoclaw.sh

Installer script (scripts/install.sh):
  Added is_real_nemoclaw_cli(bin_path) to validate nemoclaw --version; updated verify_nemoclaw() control flow to use validation, warn on invalid binaries, attempt npm uninstall -g nemoclaw for remediation, and set NEMOCLAW_RECOVERY_EXPORT_DIR when a valid npm-installed binary is present but not on PATH.

Tests (test/install-preflight.test.js):
  Updated test stubs: fake nemoclaw shims now emit nemoclaw v<version> for --version, fake npm recognizes uninstall, and assertions tightened to expect the exact installer `curl -fsSL https://www.nvidia.com/nemoclaw.sh

Sequence Diagram(s)

sequenceDiagram
  participant Shell as Shell / PATH
  participant Installer as Installer Script
  participant NPM_BIN as $npm_prefix/bin/nemoclaw
  participant NPM as npm (global pkg)

  Shell->>Installer: execute install.sh
  Installer->>Shell: command_exists("nemoclaw")?
  alt found in PATH
    Installer->>Shell: run `nemoclaw --version`
    alt output matches "nemoclaw v<semver>"
      Installer->>Shell: accept existing CLI
    else output invalid
      Installer->>NPM: run `npm uninstall -g nemoclaw`
      NPM->>NPM_BIN: remove broken binary
      Installer->>Shell: continue installer (install CLI)
    end
  else not in PATH
    Installer->>NPM_BIN: check `$npm_prefix/bin/nemoclaw`
    alt exists and `--version` valid
      Installer->>Shell: set NEMOCLAW_RECOVERY_EXPORT_DIR (export path) and warn
    else exists but invalid
      Installer->>NPM: run `npm uninstall -g nemoclaw`
      NPM->>NPM_BIN: remove broken binary
      Installer->>Shell: proceed with installer (install CLI)
    end
  end

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Poem

🐰 I sniffed a phantom CLI in the glen,
It whispered versions, but was not the ken.
I hopped, I checked, I gave it the shove,
Cleared the trail for the real tool to love. 🥕

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

  • Docstring Coverage: ⚠️ Warning. Docstring coverage is 66.67%, which is insufficient; the required threshold is 80.00%. Resolution: write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

  • Description Check: ✅ Passed. Check skipped because CodeRabbit's high-level summary is enabled.
  • Title check: ✅ Passed. The title accurately summarizes the main change: detecting and removing a broken npm placeholder package, which aligns with the core objective of validating binaries and auto-uninstalling broken packages.
  • Linked Issues check: ✅ Passed. The PR fully addresses Issue #506 objectives: detects broken binaries via nemoclaw --version validation, auto-uninstalls broken packages, removes documentation recommending bare npm install -g, and updates tests to reflect the validation check.
  • Out of Scope Changes check: ✅ Passed. All changes are directly scoped to Issue #506: documentation updates remove npm global install guidance, validation logic is added to detect broken binaries, auto-uninstall is implemented, and tests are updated to support the new validation.


@coderabbitai bot (Contributor) left a comment

Actionable comments posted: 2

🧹 Nitpick comments (2)
docs/reference/commands.md (1)

25-25: Split this into one-sentence lines and avoid passive voice.

This change puts two sentences on one source line, and “It is installed automatically by ...” is passive. Please split the sentences and make the installer script the subject.

As per coding guidelines, "Active voice required. Flag passive constructions." and "One sentence per line in source (makes diffs readable). Flag paragraphs where multiple sentences appear on the same line."

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@docs/reference/commands.md` at line 25, Split the current line into two lines
so each sentence is on its own source line, and rewrite the second sentence to
use active voice with the installer script as the subject; e.g., keep the first
line describing the "nemoclaw CLI" as the primary interface for managing
NemoClaw sandboxes, then add a second line starting with "The installer script
installs the `nemoclaw` CLI..." to remove passive voice and satisfy the
one-sentence-per-line rule referenced in the docs text about the `nemoclaw` CLI
and the installer script.
test/install-preflight.test.js (1)

385-390: Assert the post-remediation happy path too.

This scenario currently proves the uninstall side effect, but not that the installer actually recovers and leaves a valid CLI behind. Adding a result.status === 0 assertion and a final --version check on the replacement binary would keep the test aligned with the PR objective.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@test/install-preflight.test.js` around lines 385 - 390, Add post-remediation
assertions to verify the installer recovered successfully: after the existing
checks using output and npmLog, assert result.status === 0 to confirm the
process exited successfully, then spawn or exec the replaced CLI binary (use the
same path used earlier in the test) with the "--version" flag and assert its
stdout matches the expected version string (or a semver regex). Reference the
existing test variables result, output, npmLog and the fs-based log check to
locate where to insert the new assertions.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/install.sh`:
- Around line 935-938: The verify_nemoclaw helper currently calls
remove_broken_nemoclaw after install_nemoclaw (which runs npm link), so the
placeholder uninstall path can be skipped; move the broken-package cleanup to
run before any linking—either invoke remove_broken_nemoclaw at the start of
install_nemoclaw (before npm link) or change the call site so verify_nemoclaw is
executed before install_nemoclaw performs npm link; update references to
verify_nemoclaw, install_nemoclaw and remove_broken_nemoclaw accordingly so the
cleanup always runs prior to creating the linked CLI.
- Around line 918-933: The remove_broken_nemoclaw() function currently returns
non-zero on no-op paths which aborts callers under set -e; change its non-error
exits to return 0 so no-op/valid-binary cases are considered successful.
Specifically, update the checks inside remove_broken_nemoclaw: replace the early
exit after the executable test ([[ -x "$nemoclaw_bin" ]] || return 1) to return
0 instead, and change the final return 1 to return 0 so successful/no-op
outcomes return success; keep error/command-failure paths (like npm_prefix
assignment failures) returning non-zero as-is.


ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 8411efea-8f3c-4b6b-acd0-648b64b34d8e

📥 Commits

Reviewing files that changed from the base of the PR and between adbea05 and e048abc.

📒 Files selected for processing (4)
  • .agents/skills/nemoclaw-reference/references/commands.md
  • docs/reference/commands.md
  • scripts/install.sh
  • test/install-preflight.test.js

@coderabbitai bot (Contributor) left a comment

Actionable comments posted: 1

🧹 Nitpick comments (1)
test/install-preflight.test.js (1)

391-397: Consider adding an assertion to verify the binary was actually removed.

While the test checks that npm uninstall -g nemoclaw was called, it would be more robust to also verify that the broken binary no longer exists after the test completes:

// After the existing assertions:
expect(fs.existsSync(path.join(prefix, "bin", "nemoclaw"))).toBe(false);
// Or if npm link recreates it with a valid binary:
const finalBinary = path.join(prefix, "bin", "nemoclaw");
if (fs.existsSync(finalBinary)) {
  const versionOutput = spawnSync(finalBinary, ["--version"], { encoding: "utf-8" });
  expect(versionOutput.stdout).toMatch(/^nemoclaw v/);
}

This would verify the end-to-end behavior: broken binary detected → removed → valid binary installed.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@test/install-preflight.test.js` around lines 391 - 397, Add an assertion
after the existing expectations to verify the broken binary was actually
removed: check fs.existsSync(path.join(prefix, "bin", "nemoclaw")) is false; if
a reinstall may recreate the binary, instead check the recreated binary by
calling spawnSync(finalBinary, ["--version"], { encoding: "utf-8" }) and assert
the output matches the expected version pattern (e.g., /^nemoclaw v/); update
the test block that references output/npmLog to include this existence/version
assertion using the same prefix, fs, path and spawnSync identifiers.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@test/install-preflight.test.js`:
- Around line 313-397: The test currently invokes the installer via
spawnSync("bash", [INSTALLER], ...) which causes the script to detect the repo
as a source checkout and skip the remove_broken_nemoclaw() path; fix by changing
the test invocation so the installer runs as a piped script or forcing bootstrap
mode: either pipe the installer contents into bash (like cat INSTALLER | bash
...) so SCRIPT_DIR isn't the repo, or set the environment variable
NEMOCLAW_BOOTSTRAP_PAYLOAD=1 in the spawnSync env to force the bootstrap/clone
path; ensure the test still asserts the uninstall log and references the same
INSTALLER and remove_broken_nemoclaw() behavior.


ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a0c4473d-62d4-4ad2-a51e-934289ee9877

📥 Commits

Reviewing files that changed from the base of the PR and between e048abc and f9bb589.

📒 Files selected for processing (4)
  • .agents/skills/nemoclaw-reference/references/commands.md
  • docs/reference/commands.md
  • scripts/install.sh
  • test/install-preflight.test.js
✅ Files skipped from review due to trivial changes (2)
  • .agents/skills/nemoclaw-reference/references/commands.md
  • docs/reference/commands.md
🚧 Files skipped from review as they are similar to previous changes (1)
  • scripts/install.sh

@coderabbitai bot (Contributor) left a comment

Actionable comments posted: 2

🧹 Nitpick comments (1)
scripts/install.sh (1)

1174-1176: Add an order assertion for the cleanup-before-link fix.

This wiring looks right now, but the current e2e in test/install-preflight.test.js (Lines 313-370) only proves that uninstall -g nemoclaw happened at some point. A future refactor could move this back below install_nemoclaw and still pass. Recording and asserting uninstall -g nemoclaw before link would lock the regression down.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@scripts/install.sh` around lines 1174 - 1176, Add an explicit order assertion
in the preflight test to lock the cleanup-before-link behavior: update the test
that exercises remove_broken_nemoclaw / install_nemoclaw / verify_nemoclaw to
capture the run logs/output and assert that the "uninstall -g nemoclaw" (the
removal from remove_broken_nemoclaw) occurs before the linking step (the link
operation invoked during install/linking), e.g. by finding the index/position of
the uninstall message and the link message in the aggregated output and
asserting uninstall_index < link_index so future refactors can't move the
uninstall after link.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/install.sh`:
- Around line 975-977: The fallback messages that suggest running "npm install
-g git+https://github.com/NVIDIA/NemoClaw.git" are dangerous because
install_nemoclaw() intentionally avoids that path; update the three messages
(the warn/warn/error block that currently mentions the raw npm git install and
the "nemoclaw binary not found" error) to instead direct users to re-run the
project's installer entrypoint (e.g., the top-level install script or documented
installer command) and/or refer them to the install_nemoclaw() flow for
pinned/ref-aware installation; change the text for the warn lines to suggest
using the installer entrypoint and change the final error to indicate
installation failed and recommend running the installer entrypoint or opening an
issue rather than suggesting raw npm git install.
- Around line 906-912: The is_real_nemoclaw_cli() function currently uses a
loose regex; tighten it to only accept full semver outputs (e.g. "nemoclaw
vMAJOR.MINOR.PATCH" with optional pre-release/build) so malformed strings like
"nemoclaw v1 broken" fail; update the regex in is_real_nemoclaw_cli() to anchor
the end and require numeric MAJOR.MINOR.PATCH (optionally with -prerelease or
+build) so remove_broken_nemoclaw() and verify_nemoclaw() reliably detect real
installs.


ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: fec4dfe9-d061-4485-9666-f06f955bc6aa

📥 Commits

Reviewing files that changed from the base of the PR and between f9bb589 and 590dc9a.

📒 Files selected for processing (3)
  • .agents/skills/nemoclaw-reference/references/commands.md
  • docs/reference/commands.md
  • scripts/install.sh
✅ Files skipped from review due to trivial changes (2)
  • .agents/skills/nemoclaw-reference/references/commands.md
  • docs/reference/commands.md

@coderabbitai bot (Contributor) left a comment

♻️ Duplicate comments (1)
scripts/install.sh (1)

955-957: ⚠️ Potential issue | 🟠 Major

Don't point failures at raw npm install -g git+... here.

install_nemoclaw() explicitly avoids that path so it can pre-extract openclaw before npm install and pin the resolved ref. This hint can reintroduce the GH-503 tarball failure or install default-branch HEAD instead of the tagged release. Point users back to the installer entrypoint instead.

Suggested fix
 warn "Could not locate the nemoclaw executable."
-warn "Try running:  npm install -g git+https://github.com/NVIDIA/NemoClaw.git"
+warn "Try re-running:  curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash"
 error "Installation failed: nemoclaw binary not found."
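Review bot: the replacement line `+warn "Try re-running:  curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash"` embeds a curl-pipe-to-bash string in a `warn` call, and the later security review on this thread reports that the repository's curl-pipe-to-shell guard in test/runner.test.js only exempts lines prefixed with printf or echo, so this exact suggestion fails CI as written; either add `warn` to the guard's exempted prefixes (it is a user-facing message, not an invocation) or word the hint as the installer URL without the pipe.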
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@scripts/install.sh` around lines 955 - 957, The displayed error message
incorrectly suggests running a raw `npm install -g
git+https://github.com/NVIDIA/NemoClaw.git`, which `install_nemoclaw()`
intentionally avoids; update the three warning/error strings (the messages
currently shown when the nemoclaw binary is not found) to direct users back to
the installer entrypoint (e.g., run the provided installer script or follow the
project's install instructions) instead of recommending a raw git-based npm
install so we don't reintroduce the GH-503 tarball failure or install an
unpinned HEAD; change the messages referenced in the failing branch where
`nemoclaw` is checked (the messages surrounding the current "Could not locate
the nemoclaw executable." / "Try running:  npm install -g
git+https://github.com/NVIDIA/NemoClaw.git" / "Installation failed: nemoclaw
binary not found.") to a single clear hint pointing to the installer entrypoint.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 3be950f3-69ef-47c8-a24a-26f30d9c69e0

📥 Commits

Reviewing files that changed from the base of the PR and between 590dc9a and 6eb8bc4.

📒 Files selected for processing (2)
  • scripts/install.sh
  • test/install-preflight.test.js

@coderabbitai bot (Contributor) left a comment

🧹 Nitpick comments (1)
test/install-preflight.test.js (1)

434-441: Optional: extract the repeated inline fake nemoclaw shim into a shared helper.

The same shell-body pattern is duplicated across many tests; centralizing it would reduce churn for future behavior tweaks (e.g., version format changes).

♻️ Refactor sketch
+function nemoclawShim({ includeOnboardLog = false } = {}) {
+  return `#!/usr/bin/env bash
+if [ "$1" = "--version" ]; then echo "nemoclaw v0.1.0-test"; exit 0; fi
+if [ "$1" = "onboard" ]; then
+  ${includeOnboardLog ? `printf '%s\\n' "$*" >> "$NEMOCLAW_ONBOARD_LOG"` : `exit 0`}
+  exit 0
+fi
+exit 0
+`;
+}
...
-if [ "$1" = "link" ]; then
-  cat > "$NPM_PREFIX/bin/nemoclaw" <<'EOS'
-#!/usr/bin/env bash
-if [ "$1" = "--version" ]; then echo "nemoclaw v0.1.0-test"; exit 0; fi
-if [ "$1" = "onboard" ]; then exit 0; fi
-exit 0
-EOS
+if [ "$1" = "link" ]; then
+  cat > "$NPM_PREFIX/bin/nemoclaw" <<'EOS'
+${nemoclawShim()}
+EOS
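Review bot: in `nemoclawShim` the false arm of the ternary emits `exit 0` inside the `onboard` branch and the template then emits a second `exit 0` on the next line, so the no-log shim carries dead duplication; have the ternary emit only the printf line (or an empty string) and let the shared `exit 0` handle the rest. The version string `nemoclaw v0.1.0-test` is also hardcoded in the helper, which works against the stated goal of centralizing version-format tweaks; take it as an option (for example `{ version = "0.1.0-test" }`) so the `is_real_nemoclaw_cli()` output format can be varied from one place.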
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@test/install-preflight.test.js` around lines 434 - 441, Extract the repeated
inline shim into a shared test helper (e.g., writeFakeNemoclawShim(npmPrefix,
{version, onboardExitCode})) that writes the same script content to
"$NPM_PREFIX/bin/nemoclaw", sets executable permissions, and returns any errors;
replace in-test heredoc blocks with calls to writeFakeNemoclawShim and pass a
configurable version string and behavior so tests can change version format or
responses centrally; update tests that reference the inline shim to call this
helper and remove duplicate chmod/exit handling.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: bdf31a1b-eeff-44a6-afc5-fbf28ba60672

📥 Commits

Reviewing files that changed from the base of the PR and between 6eb8bc4 and 8444075.

📒 Files selected for processing (2)
  • scripts/install.sh
  • test/install-preflight.test.js
🚧 Files skipped from review as they are similar to previous changes (1)
  • scripts/install.sh

@cv (Contributor) left a comment

Security Review — WARNING (CI failing)

Security-wise the code is clean — detection heuristic is strict, no injection risks, removal scope is appropriate, fail-safe control flow.

Required fix

CI failure: The warn "Try re-running: curl -fsSL ... | bash" line in install.sh triggers the curl-pipe-to-shell guard in test/runner.test.js:631. The guard's exemption filter (line 607) only allows printf and echo prefixes, not warn.

Options:

  1. Add warn to the exempted prefixes in the guard test
  2. Reword the message to avoid the pattern (e.g., warn "Try re-running the installer: https://www.nvidia.com/nemoclaw.sh")

Security positives

  • is_real_nemoclaw_cli uses a strict anchored semver regex — good detection
  • npm uninstall -g nemoclaw is hardcoded, no variable interpolation
  • "$bin_path" --version is properly double-quoted
  • Fail-safe: uninstall + error message, never silently accepts a broken binary

@wscurran wscurran added the labels "NemoClaw CLI" (Use this label to identify issues with the NemoClaw command-line interface (CLI).) and "fix" on Apr 8, 2026
@Dongni-Yang Dongni-Yang force-pushed the fix/remove-bare-npm-install-506 branch from 8444075 to e24230f Compare April 9, 2026 01:43
@cv (Contributor) left a comment

LGTM — security review PASS. CI failure resolved.

  • is_real_nemoclaw_cli() uses strict anchored regex — only matches real CLI output
  • Both verification paths (command-v, npm-bin) now validate before accepting
  • npm uninstall -g nemoclaw is hardcoded — no injection risk
  • warn correctly added to curl-pipe-to-shell exemption (user-facing message, not an invocation)
  • Test shims all updated to match new --version format
  • Docs updated to stop recommending npm install -g nemoclaw (the broken placeholder)

No concerns.

@miyoungc miyoungc enabled auto-merge (squash) April 9, 2026 02:10
…A#506)

Signed-off-by: Dongni Yang <[email protected]>
Co-Authored-By: Claude Opus 4.6 (1M context) <[email protected]>
@Dongni-Yang Dongni-Yang force-pushed the fix/remove-bare-npm-install-506 branch from 87cce4f to bece102 Compare April 9, 2026 02:44
@miyoungc miyoungc merged commit b9acacf into NVIDIA:main Apr 9, 2026
5 of 6 checks passed

Labels

fix; NemoClaw CLI (Use this label to identify issues with the NemoClaw command-line interface (CLI).)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

is the npm package broken 249 bytes ?

4 participants