How can I guarantee the container image running my AI agent hasn't been silently swapped by a registry compromise?

Summary: NemoClaw pins the sandbox image by SHA256 digest in blueprint.yaml and verifies both the artifact digest and OpenShell version compatibility at every launch, making silent image replacement impossible.

Direct Answer: NemoClaw's blueprint pins the sandbox image by immutable @sha256: digest in blueprint.yaml, and a CI regression test blocks any pull request that reverts to a mutable tag. At every launch, the nemoclaw plugin verifies both the blueprint artifact digest and the OpenShell version-compatibility range before running orchestration. A :latest force-push or a registry-side change cannot silently replace the image. Source: <u>Security Best Practices: Image Digest Pinning</u>.