docs: catch up documentation for v0.0.15 changes

[miyoungc]

Summary

• Document tier-based policy selector (Restricted/Balanced/Open) in commands, network policies, and customize-network-policy pages (from feat(policy): tier-based policy selector with combined access-mode UI #1753)
• Document configurable port overrides via environment variables (NEMOCLAW_GATEWAY_PORT, NEMOCLAW_DASHBOARD_PORT, NEMOCLAW_VLLM_PORT, NEMOCLAW_OLLAMA_PORT) (from feat(cli): add configurable port overrides via environment variables #1645)
• Document nemoclaw <sandbox> skill install <path> command (from feat(cli): add nemoclaw <sandbox> skill install command (#1844) #1845, fix(cli): report skipped hidden directories during skill install #1856)
• Document reserved sandbox name validation — CLI command collision check (from fix(onboard): reject sandbox names that collide with global CLI commands #1773)
• Bump doc version switcher through 0.0.15
• Remove --dangerously-skip-permissions from onboard usage synopsis (docs-skip violation)
• Regenerate agent skills from updated docs

Test plan

• make docs builds without warnings
• All pre-commit hooks pass
• Verify rendered pages in docs build output
• Cross-references resolve correctly (policy-tiers anchor, environment-variables section)

🤖 Generated with Claude Code

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request updates documentation across multiple files to introduce policy tier-based onboarding, document the new nemoclaw <name> skill install command, add environment variable port configuration guidance, refine sandbox name validation rules, and add versioning entries for releases 0.0.13 through 0.0.15.

Changes

Cohort / File(s)	Summary
Policy Tier Documentation .agents/skills/nemoclaw-user-reference/references/network-policies.md, docs/reference/network-policies.md, .agents/skills/nemoclaw-user-manage-policy/SKILL.md, docs/network-policy/customize-network-policy.md	Added policy tiers (Restricted, Balanced, Open) documentation describing how tiers control default preset policy files and allow interactive preset/permission tuning via onboarding screens; documented tier storage location (nemoclaw-blueprint/policies/tiers.yaml) and non-interactive configuration via NEMOCLAW_POLICY_TIER env var.
Commands Reference .agents/skills/nemoclaw-user-reference/references/commands.md, docs/reference/commands.md	Removed --dangerously-skip-permissions from nemoclaw onboard documentation, added new nemoclaw <name> skill install <path> command with SKILL.md validation, file upload rules, and update semantics; added Environment Variables section documenting NEMOCLAW_GATEWAY_PORT, NEMOCLAW_DASHBOARD_PORT, NEMOCLAW_VLLM_PORT, NEMOCLAW_OLLAMA_PORT with allowed range (1024–65535) and override scope.
Troubleshooting & Validation .agents/skills/nemoclaw-user-reference/references/troubleshooting.md, docs/reference/troubleshooting.md	Updated port-conflict guidance to reflect dual defaults (dashboard 18789, gateway 8080), added NEMOCLAW_DASHBOARD_PORT override example, and expanded invalid sandbox-name validation to reject CLI command-token collisions (e.g., onboard, list, deploy).
Versioning docs/versions1.json	Added three new version entries: 0.0.15 (marked preferred), 0.0.14, and 0.0.13, each with corresponding NVIDIA documentation URLs.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Tiers of policy, now crystal and clear,
Onboarding flows that bring users near,
Skills to install, environments set,
Versions ascending—no technical debt!
Documentation blooms where confusion once grew. 🌱

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main objective of the PR: updating documentation to align with v0.0.15 changes, including policy tiers, port overrides, new CLI commands, and version metadata.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch docs/refresh-v0.0.15

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

docs/reference/network-policies.md (1)

109-109: Format access-mode values as inline code.

Please wrap read and read-write in inline code formatting to match the docs rule for parameter values.

As per coding guidelines, “CLI commands, file paths, flags, parameter names, and values must use inline code formatting.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/network-policies.md` at line 109, Update the sentence that
currently mentions access modes so the access-mode values are formatted as
inline code: replace plain text occurrences of read and read-write in the
sentence "After selecting a tier, a combined preset and access-mode screen lets
you include or exclude individual presets and toggle each between read (GET
only) and read-write (GET + POST/PUT/PATCH) access." with inline code formatting
for `read` and `read-write`, keeping the explanatory parentheticals (GET only,
GET + POST/PUT/PATCH) unchanged.

docs/reference/commands.md (3)

80-97: Tone/style cleanup needed in policy-tier section.

Please remove emphasis on “policy tier” and avoid the colon in “...balanced):” before the example block; both patterns conflict with the docs style constraints.

As per coding guidelines, “Unnecessary bold on routine instructions ... should be flagged (LLM pattern detected)” and “Colons should only introduce a list.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/commands.md` around lines 80 - 97, Remove the bold emphasis
around "policy tier" and any other unnecessary bolding in that section, and
delete the colon that appears immediately before the example block (the line
ending with ``balanced`):``); keep the sentence flow so the example begins on
the next line, and ensure the environment variable name NEMOCLAW_POLICY_TIER and
the inline example remain unchanged otherwise.

---

266-273: Convert this block to active voice.

Several sentences are passive (for example, “is required,” “are skipped,” “are rejected,” “is refreshed”). Please switch these to active constructions for consistency with docs voice guidelines.

As per coding guidelines, “Active voice required. Flag passive constructions.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/commands.md` around lines 266 - 273, Rewrite the documented
sentences to use active voice: state that "The skill directory must contain a
SKILL.md file with YAML frontmatter that includes a name field" as "Place a
SKILL.md file in the skill directory with YAML frontmatter that includes a name
field"; change "Skill names must contain only..." to "Only allow skill names
containing alphanumeric characters, dots, hyphens, and underscores"; change
"Files with names starting with `.` (dotfiles) are skipped and listed in the
output" to "Skip and list dotfiles (names starting with `.`) in the output";
change "Files with unsafe path characters are rejected to prevent shell
injection" to "Reject files that contain unsafe path characters to prevent shell
injection"; and change "the agent session index is refreshed so the agent
discovers the skill on the next session" to "refresh the agent session index so
the agent discovers the skill on the next session" — apply these edits to the
block mentioning SKILL.md, skill names, dotfiles, unsafe path characters, and
agent session index.

---

127-127: Use active voice for reserved-name validation.

This sentence is passive (“are rejected”). Please rewrite it in active voice.

As per coding guidelines, “Active voice required. Flag passive constructions.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/commands.md` at line 127, Replace the passive sentence "Names
that match global CLI commands (`status`, `list`, `debug`, etc.) are rejected to
avoid routing conflicts." with an active-voice construction; for example, reword
it to "We reject names that match global CLI commands (e.g., `status`, `list`,
`debug`) to avoid routing conflicts" or "Reject names that match global CLI
commands (e.g., `status`, `list`, `debug`) to avoid routing conflicts" so the
reserved-name validation is stated in active voice.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/reference/troubleshooting.md`:
- Around line 196-197: Update the reserved-name sentence to make it explicit
that the list is non-exhaustive: either add the missing token `setup-spark` to
the enumerated list (alongside `onboard`, `list`, `deploy`, `setup`, `start`,
`stop`, `status`, `debug`, `uninstall`, `credentials`, and `help`) or change the
wording to "Reserved names include, for example, ..." (or append "such as") so
readers know more global commands may collide; modify the sentence near the
existing reserved names text accordingly.

---

Nitpick comments:
In `@docs/reference/commands.md`:
- Around line 80-97: Remove the bold emphasis around "policy tier" and any other
unnecessary bolding in that section, and delete the colon that appears
immediately before the example block (the line ending with ``balanced`):``);
keep the sentence flow so the example begins on the next line, and ensure the
environment variable name NEMOCLAW_POLICY_TIER and the inline example remain
unchanged otherwise.
- Around line 266-273: Rewrite the documented sentences to use active voice:
state that "The skill directory must contain a SKILL.md file with YAML
frontmatter that includes a name field" as "Place a SKILL.md file in the skill
directory with YAML frontmatter that includes a name field"; change "Skill names
must contain only..." to "Only allow skill names containing alphanumeric
characters, dots, hyphens, and underscores"; change "Files with names starting
with `.` (dotfiles) are skipped and listed in the output" to "Skip and list
dotfiles (names starting with `.`) in the output"; change "Files with unsafe
path characters are rejected to prevent shell injection" to "Reject files that
contain unsafe path characters to prevent shell injection"; and change "the
agent session index is refreshed so the agent discovers the skill on the next
session" to "refresh the agent session index so the agent discovers the skill on
the next session" — apply these edits to the block mentioning SKILL.md, skill
names, dotfiles, unsafe path characters, and agent session index.
- Line 127: Replace the passive sentence "Names that match global CLI commands
(`status`, `list`, `debug`, etc.) are rejected to avoid routing conflicts." with
an active-voice construction; for example, reword it to "We reject names that
match global CLI commands (e.g., `status`, `list`, `debug`) to avoid routing
conflicts" or "Reject names that match global CLI commands (e.g., `status`,
`list`, `debug`) to avoid routing conflicts" so the reserved-name validation is
stated in active voice.

In `@docs/reference/network-policies.md`:
- Line 109: Update the sentence that currently mentions access modes so the
access-mode values are formatted as inline code: replace plain text occurrences
of read and read-write in the sentence "After selecting a tier, a combined
preset and access-mode screen lets you include or exclude individual presets and
toggle each between read (GET only) and read-write (GET + POST/PUT/PATCH)
access." with inline code formatting for `read` and `read-write`, keeping the
explanatory parentheticals (GET only, GET + POST/PUT/PATCH) unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: c2f1e908-e684-4b2c-bd9c-93ec676b9487

📥 Commits

Reviewing files that changed from the base of the PR and between 855924f and a6f1aca.

📒 Files selected for processing (9)

• .agents/skills/nemoclaw-user-manage-policy/SKILL.md
• .agents/skills/nemoclaw-user-reference/references/commands.md
• .agents/skills/nemoclaw-user-reference/references/network-policies.md
• .agents/skills/nemoclaw-user-reference/references/troubleshooting.md
• docs/network-policy/customize-network-policy.md
• docs/reference/commands.md
• docs/reference/network-policies.md
• docs/reference/troubleshooting.md
• docs/versions1.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Clarify that the reserved-name list is non-exhaustive (or include all valid command collisions).

setup-spark is also a reserved global command token, but it is missing from this list. Please either add it or explicitly label this as examples (for example, “such as ...”) so users do not treat the current list as complete.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docs/reference/troubleshooting.md` around lines 196 - 197, Update the
reserved-name sentence to make it explicit that the list is non-exhaustive:
either add the missing token `setup-spark` to the enumerated list (alongside
`onboard`, `list`, `deploy`, `setup`, `start`, `stop`, `status`, `debug`,
`uninstall`, `credentials`, and `help`) or change the wording to "Reserved names
include, for example, ..." (or append "such as") so readers know more global
commands may collide; modify the sentence near the existing reserved names text
accordingly.