docs(support): align platform status with PRD and tested matrix

.agents/skills/nemoclaw-user-configure-inference/SKILL.md

@@ -22,6 +22,22 @@ OpenShell intercepts inference traffic on the host and forwards it to the provid
 Provider credentials stay on the host.
 The sandbox does not receive your API key.
 
+## Provider Status
+
+<!-- provider-status:begin -->
+| Provider | Status | Endpoint type | Notes |
+|----------|--------|---------------|-------|
+| NVIDIA Endpoints | Tested | OpenAI-compatible | Hosted models on integrate.api.nvidia.com |
+| OpenAI | Tested | Native OpenAI-compatible | Uses OpenAI model IDs |
+| Other OpenAI-compatible endpoint | Tested | Custom OpenAI-compatible | For compatible proxies and gateways |
+| Anthropic | Tested | Native Anthropic | Uses anthropic-messages |
+| Other Anthropic-compatible endpoint | Tested | Custom Anthropic-compatible | For Claude proxies and compatible gateways |
+| Google Gemini | Tested | OpenAI-compatible | Uses Google's OpenAI-compatible endpoint |
+| Local Ollama | Caveated | Local Ollama API | Available when Ollama is installed or running on the host |
+| Local NVIDIA NIM | Experimental | Local OpenAI-compatible | Requires `NEMOCLAW_EXPERIMENTAL=1` and a NIM-capable GPU |
+| Local vLLM | Experimental | Local OpenAI-compatible | Requires `NEMOCLAW_EXPERIMENTAL=1` and a server already running on `localhost:8000` |
+<!-- provider-status:end -->
+
 ## Provider Options
 
 The onboard wizard presents the following provider options by default.
@@ -54,15 +70,7 @@ For setup instructions, refer to Use a Local Inference Server (see the `nemoclaw
 NemoClaw validates the selected provider and model before creating the sandbox.
 If validation fails, the wizard returns to provider selection.
 
-| Provider type | Validation method |
-|---|---|
-| OpenAI | Tries `/responses` first, then `/chat/completions`. |
-| NVIDIA Endpoints | Tries `/responses` first with a tool-calling probe that matches OpenClaw behavior. Falls back to `/chat/completions` if the endpoint does not return a compatible tool call. |
-| Google Gemini | Tries `/responses` first with a tool-calling probe that matches OpenClaw behavior. Falls back to `/chat/completions` if the endpoint does not return a compatible tool call. |
-| Other OpenAI-compatible endpoint | Tries `/responses` first with a tool-calling probe that matches OpenClaw behavior. Falls back to `/chat/completions` if the endpoint does not return a compatible tool call. |
-| Anthropic-compatible | Tries `/v1/messages`. |
-| NVIDIA Endpoints (manual model entry) | Validates the model name against the catalog API. |
-| Compatible endpoints | Sends a real inference request because many proxies do not expose a `/models` endpoint. For OpenAI-compatible endpoints, the probe includes tool calling before NemoClaw favors `/responses`. |
+*Full details in `references/inference-options.md`.*
 
 ## Prerequisites
 

.agents/skills/nemoclaw-user-configure-inference/references/inference-options.md

@@ -13,6 +13,22 @@ OpenShell intercepts inference traffic on the host and forwards it to the provid
 Provider credentials stay on the host.
 The sandbox does not receive your API key.
 
+## Provider Status
+
+<!-- provider-status:begin -->
+| Provider | Status | Endpoint type | Notes |
+|----------|--------|---------------|-------|
+| NVIDIA Endpoints | Tested | OpenAI-compatible | Hosted models on integrate.api.nvidia.com |
+| OpenAI | Tested | Native OpenAI-compatible | Uses OpenAI model IDs |
+| Other OpenAI-compatible endpoint | Tested | Custom OpenAI-compatible | For compatible proxies and gateways |
+| Anthropic | Tested | Native Anthropic | Uses anthropic-messages |
+| Other Anthropic-compatible endpoint | Tested | Custom Anthropic-compatible | For Claude proxies and compatible gateways |
+| Google Gemini | Tested | OpenAI-compatible | Uses Google's OpenAI-compatible endpoint |
+| Local Ollama | Caveated | Local Ollama API | Available when Ollama is installed or running on the host |
+| Local NVIDIA NIM | Experimental | Local OpenAI-compatible | Requires `NEMOCLAW_EXPERIMENTAL=1` and a NIM-capable GPU |
+| Local vLLM | Experimental | Local OpenAI-compatible | Requires `NEMOCLAW_EXPERIMENTAL=1` and a server already running on `localhost:8000` |
+<!-- provider-status:end -->
+
 ## Provider Options
 
 The onboard wizard presents the following provider options by default.

.agents/skills/nemoclaw-user-reference/references/commands.md

@@ -83,7 +83,7 @@ Names must follow RFC 1123 subdomain rules: lowercase alphanumeric characters an
 Uppercase letters are automatically lowercased.
 
 Before creating the gateway, the wizard runs preflight checks.
-It verifies that Docker is reachable, warns on unsupported runtimes such as Podman, and prints host remediation guidance when prerequisites are missing.
+It verifies that Docker is reachable, warns on untested runtimes such as Podman, and prints host remediation guidance when prerequisites are missing.
 
 #### `--from <Dockerfile>`
 

.agents/skills/nemoclaw-user-reference/references/troubleshooting.md

@@ -16,8 +16,7 @@ Run `source ~/.bashrc` (or `source ~/.zshrc` for zsh), or open a new terminal wi
 ### Installer fails on unsupported platform
 
 The installer checks for a supported OS and architecture before proceeding.
-NemoClaw requires Linux Ubuntu 22.04 LTS or later.
-If you see an unsupported platform error, verify that you are running on a supported Linux distribution.
+If you see an unsupported platform error, verify that you are running on a tested platform listed in the Container Runtimes table in the quickstart guide.
 
 ### Node.js version is too old
 
@@ -113,8 +112,8 @@ If onboarding reports that Docker is missing or unreachable, fix Docker first an
 $ nemoclaw onboard
 ```
 
-If you are using Podman, NemoClaw warns and continues, but OpenShell officially documents Docker-based runtimes only.
-If onboarding or sandbox lifecycle fails, switch to Docker Desktop, Colima, or Docker Engine and rerun onboarding.
+Podman is not a tested runtime.
+If onboarding or sandbox lifecycle fails, switch to a tested runtime (Docker Desktop, Colima, or Docker Engine) and rerun onboarding.
 
 ### Invalid sandbox name
 
@@ -265,53 +264,6 @@ Use `--follow` to stream logs in real time while debugging.
 
 ## Podman
 
-### `open /dev/kmsg: operation not permitted`
-
-This error appears when the Podman machine is running in rootless mode.
-K3s kubelet requires `/dev/kmsg` access for its OOM watcher, which is not available in rootless containers.
-
-Switch the Podman machine to rootful mode and restart:
-
-```console
-$ podman machine stop
-$ podman machine set --rootful
-$ podman machine start
-```
-
-Then destroy and recreate the gateway:
-
-```console
-$ openshell gateway destroy --name nemoclaw
-$ nemoclaw onboard
-```
-
-### Image push timeout with Podman
-
-When creating a sandbox, the 1.5 GB sandbox image push into K3s may time out through Podman's API socket.
-This is a known limitation of the bollard Docker client's default timeout.
-
-Manually push the image using the Docker CLI, which has no such timeout:
-
-```console
-$ docker images --format '{{.Repository}}:{{.Tag}}' | grep sandbox-from
-$ docker save <IMAGE_NAME:TAG> | \
-    docker exec -i openshell-cluster-nemoclaw \
-    ctr -a /run/k3s/containerd/containerd.sock -n k8s.io images import -
-```
-
-After the import completes, create the sandbox manually:
-
-```console
-$ openshell sandbox create --name my-assistant --from <IMAGE_NAME:TAG>
-```
-
-### Podman machine resources
-
-The default Podman machine has 2 GB RAM, which is insufficient for the sandbox image push and K3s cluster overhead.
-Allocate at least 8 GB RAM and 4 CPUs:
-
-```console
-$ podman machine stop
-$ podman machine set --cpus 6 --memory 8192
-$ podman machine start
-```
+Podman is not a tested runtime.
+OpenShell officially documents Docker-based runtimes only.
+If you encounter issues with Podman, switch to a tested runtime (Docker Engine, Docker Desktop, or Colima) and rerun onboarding.

.github/workflows/pr.yaml

@@ -48,6 +48,9 @@ jobs:
       - name: Run basic checks
         uses: ./.github/actions/basic-checks
 
+      - name: Verify platform matrix is in sync
+        run: python3 scripts/generate-platform-docs.py --check
+
   sandbox-images-and-e2e:
     needs: [checks, changes]
     if: needs.changes.outputs.code == 'true'

.pre-commit-config.yaml

@@ -71,11 +71,19 @@ repos:
   # ── Priority 4: regenerate agent skills when docs change ──────────────────
   - repo: local
     hooks:
+      - id: platform-matrix-sync
+        name: Sync platform matrix to docs
+        entry: bash -c 'python3 scripts/generate-platform-docs.py && git add README.md docs/get-started/quickstart.md docs/inference/inference-options.md'
+        language: system
+        files: ^(ci/platform-matrix\.json|README\.md|docs/get-started/quickstart\.md|docs/inference/inference-options\.md|scripts/generate-platform-docs\.py)$
+        pass_filenames: false
+        priority: 3
+
       - id: docs-to-skills
         name: Regenerate agent skills from docs
-        entry: bash -c 'python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw && git add .agents/skills/'
+        entry: bash -c 'python3 scripts/docs-to-skills.py docs/ .agents/skills/ --prefix nemoclaw-user && git add .agents/skills/'
         language: system
-        files: ^docs/.*\.md$
+        files: ^(docs/.*\.md$|ci/platform-matrix\.json$|scripts/generate-platform-docs\.py$)
         pass_filenames: false
         priority: 4
 

README.md

@@ -51,10 +51,9 @@ The sandbox image is approximately 2.4 GB compressed. During image push, the Doc
 
 | Dependency | Version                          |
 |------------|----------------------------------|
-| Linux      | Ubuntu 22.04 LTS or later |
 | Node.js    | 22.16 or later |
 | npm        | 10 or later |
-| Container runtime | Supported runtime installed and running |
+| Platform   | See below |
 | [OpenShell](https://github.com/NVIDIA/OpenShell) | Installed |
 
 #### OpenShell Lifecycle
@@ -64,13 +63,17 @@ Avoid `openshell self-update`, `npm update -g openshell`, `openshell gateway sta
 
 #### Container Runtimes
 
-| Platform | Supported runtimes | Notes |
-|----------|--------------------|-------|
-| Linux | Docker, Podman | Primary supported path. |
-| macOS (Apple Silicon) | Colima, Docker Desktop, Podman | Install Xcode Command Line Tools (`xcode-select --install`) and start the runtime before running the installer. |
-| macOS (Intel) | Colima, Docker Desktop | Podman on Intel macOS is not yet supported. |
-| Windows WSL | Docker Desktop (WSL backend) | Supported target path. |
-| DGX Spark | Docker | Use the standard installer and `nemoclaw onboard`. |
+The following table lists tested platform and runtime combinations.
+Availability is not limited to these entries, but untested configurations may have issues.
+
+<!-- platform-matrix:begin -->
+| OS | Container runtime | Status | Notes |
+|----|-------------------|--------|-------|
+| Linux | Docker | Tested | Primary tested path. |
+| macOS (Apple Silicon) | Colima, Docker Desktop | Tested with limitations | Install Xcode Command Line Tools (`xcode-select --install`) and start the runtime before running the installer. |
+| DGX Spark | Docker | Tested | Use the standard installer and `nemoclaw onboard`. |
+| Windows WSL2 | Docker Desktop (WSL backend) | Tested with limitations | Requires WSL2 with Docker Desktop backend. |
+<!-- platform-matrix:end -->
 
 ### Install NemoClaw and Onboard OpenClaw Agent
 

ci/platform-matrix.json

@@ -0,0 +1,137 @@
+{
+  "$comment": "Single source of truth for tested platforms and providers. Scripts read this to generate README and docs tables. QA/CI update this file; docs are derived.",
+  "version": "1.0",
+  "updated": "2026-04-08",
+
+  "statuses": {
+    "tested": "Validated by CI/QA. Primary path.",
+    "caveated": "Tested with limitations. See Notes.",
+    "experimental": "Requires NEMOCLAW_EXPERIMENTAL=1.",
+    "deferred": "Planned but not yet validated."
+  },
+
+  "platforms": [
+    {
+      "name": "Linux",
+      "runtimes": ["Docker"],
+      "status": "tested",
+      "prd_priority": "P0",
+      "ci_tested": true,
+      "notes": "Primary tested path."
+    },
+    {
+      "name": "macOS (Apple Silicon)",
+      "runtimes": ["Colima", "Docker Desktop"],
+      "status": "caveated",
+      "prd_priority": "P0",
+      "ci_tested": true,
+      "notes": "Install Xcode Command Line Tools (`xcode-select --install`) and start the runtime before running the installer."
+    },
+    {
+      "name": "DGX Spark",
+      "runtimes": ["Docker"],
+      "status": "tested",
+      "prd_priority": "P1",
+      "ci_tested": true,
+      "notes": "Use the standard installer and `nemoclaw onboard`."
+    },
+    {
+      "name": "Windows WSL2",
+      "runtimes": ["Docker Desktop (WSL backend)"],
+      "status": "caveated",
+      "prd_priority": "P1",
+      "ci_tested": false,
+      "_prd_note": "PRD tracks x86 and ARM (WOA) separately; treating as one entry until ARM is validated independently.",
+      "notes": "Requires WSL2 with Docker Desktop backend."
+    },
+    {
+      "name": "DGX Station",
+      "runtimes": ["Docker"],
+      "status": "deferred",
+      "prd_priority": "P1",
+      "ci_tested": false,
+      "notes": "P1 per PRD. Setup path not yet validated."
+    },
+    {
+      "name": "RTX Spark",
+      "runtimes": ["Docker"],
+      "status": "deferred",
+      "prd_priority": "P1",
+      "ci_tested": false,
+      "notes": "P1 per PRD. Setup path not yet validated."
+    },
+    {
+      "name": "NVIDIA RTX",
+      "runtimes": ["Docker"],
+      "status": "deferred",
+      "prd_priority": "P1",
+      "ci_tested": false,
+      "notes": "P1 per PRD. Setup path not yet validated."
+    },
+    {
+      "name": "NVIDIA RTX Pro",
+      "runtimes": ["Docker"],
+      "status": "deferred",
+      "prd_priority": "P1",
+      "ci_tested": false,
+      "notes": "P1 per PRD. Setup path not yet validated."
+    }
+  ],
+
+  "providers": [
+    {
+      "name": "NVIDIA Endpoints",
+      "status": "tested",
+      "endpoint_type": "OpenAI-compatible",
+      "notes": "Hosted models on integrate.api.nvidia.com"
+    },
+    {
+      "name": "OpenAI",
+      "status": "tested",
+      "endpoint_type": "Native OpenAI-compatible",
+      "notes": "Uses OpenAI model IDs"
+    },
+    {
+      "name": "Other OpenAI-compatible endpoint",
+      "status": "tested",
+      "endpoint_type": "Custom OpenAI-compatible",
+      "notes": "For compatible proxies and gateways"
+    },
+    {
+      "name": "Anthropic",
+      "status": "tested",
+      "endpoint_type": "Native Anthropic",
+      "notes": "Uses anthropic-messages"
+    },
+    {
+      "name": "Other Anthropic-compatible endpoint",
+      "status": "tested",
+      "endpoint_type": "Custom Anthropic-compatible",
+      "notes": "For Claude proxies and compatible gateways"
+    },
+    {
+      "name": "Google Gemini",
+      "status": "tested",
+      "endpoint_type": "OpenAI-compatible",
+      "notes": "Uses Google's OpenAI-compatible endpoint"
+    },
+    {
+      "name": "Local Ollama",
+      "status": "caveated",
+      "endpoint_type": "Local Ollama API",
+      "notes": "Available when Ollama is installed or running on the host"
+    },
+    {
+      "name": "Local NVIDIA NIM",
+      "status": "experimental",
+      "endpoint_type": "Local OpenAI-compatible",
+      "notes": "Requires `NEMOCLAW_EXPERIMENTAL=1` and a NIM-capable GPU"
+    },
+    {
+      "name": "Local vLLM",
+      "status": "experimental",
+      "endpoint_type": "Local OpenAI-compatible",
+      "notes": "Requires `NEMOCLAW_EXPERIMENTAL=1` and a server already running on `localhost:8000`"
+    }
+  ]
+}

docs/get-started/quickstart.md

@@ -49,10 +49,9 @@ The sandbox image is approximately 2.4 GB compressed. During image push, the Doc
 
 | Dependency | Version                          |
 |------------|----------------------------------|
-| Linux      | Ubuntu 22.04 LTS or later |
 | Node.js    | 22.16 or later |
 | npm        | 10 or later |
-| Container runtime | Supported runtime installed and running |
+| Platform   | See below |
 | [OpenShell](https://github.com/NVIDIA/OpenShell) | Installed |
 
 :::{warning} OpenShell lifecycle
@@ -62,13 +61,17 @@ Avoid `openshell self-update`, `npm update -g openshell`, `openshell gateway sta
 
 ### Container Runtimes
 
-| Platform | Supported runtimes | Notes |
-|----------|--------------------|-------|
-| Linux | Docker | Primary supported path. |
-| macOS (Apple Silicon) | Colima, Docker Desktop | Install Xcode Command Line Tools (`xcode-select --install`) and start the runtime before running the installer. |
-| macOS (Intel) | Docker Desktop | Start the runtime before running the installer. |
-| Windows WSL | Docker Desktop (WSL backend) | Supported target path. |
-| DGX Spark | Docker | Use the standard installer and `nemoclaw onboard`. |
+The following table lists tested platform and runtime combinations.
+Availability is not limited to these entries, but untested configurations may have issues.
+
+<!-- platform-matrix:begin -->
+| OS | Container runtime | Status | Notes |
+|----|-------------------|--------|-------|
+| Linux | Docker | Tested | Primary tested path. |
+| macOS (Apple Silicon) | Colima, Docker Desktop | Tested with limitations | Install Xcode Command Line Tools (`xcode-select --install`) and start the runtime before running the installer. |
+| DGX Spark | Docker | Tested | Use the standard installer and `nemoclaw onboard`. |
+| Windows WSL2 | Docker Desktop (WSL backend) | Tested with limitations | Requires WSL2 with Docker Desktop backend. |
+<!-- platform-matrix:end -->
 
 ## Install NemoClaw and Onboard OpenClaw Agent