
I assume you need some flexibility in choosing a nothing-up-my-sleeve number, in case the first number you try has properties that are bad for the algorithm.

Imagine if the super-official, international standard nothing-up-my-sleeve number was 1. Any time you need consistent but arbitrary bits in a cryptographic algorithm, they must be ...000000000000001. That doesn't sound like it would work very well.



In that case, you announce a reroll, along with a published paper explaining that x^1 == x. But, assuming you use SHA-256 or higher, the chances of that happening are less than one over the number of atoms in the observable universe, so you shouldn't worry about it the same way you don't worry about hash collisions happening purely by chance.


Ok, then describe some algorithm with exact criteria (and explanations of criteria) needed for the number, but still seeded by future random events, e.g. "if the first hash doesn't meet these criteria, hash it again and again until it does."
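
The procedure described in the comment above, as an added example that is not part of the thread: a seed is hashed with SHA-256 and re-hashed until a candidate meets criteria fixed in advance, and the round count is published so anyone can replay the chain. The seed string, the three criteria and all function names are assumptions made for illustration.

```python
import hashlib

# Constructed stand-in for the pre-announced "future random event".
SEED = b"constructed example: public draw 04 11 23 42 57"
BITS = 256


def meets_criteria(n: int) -> bool:
    """Hypothetical criteria, each with a stated reason (assumptions)."""
    full_width = n >> (BITS - 1) == 1   # top bit set: constant spans all 256 bits
    odd = n & 1 == 1                    # odd: invertible modulo 2**256
    weight = bin(n).count("1")
    balanced = 96 <= weight <= 160      # neither mostly zeros nor mostly ones
    return full_width and odd and balanced


def derive_constant(seed: bytes, max_rounds: int = 1000) -> tuple[int, int]:
    """Hash the seed, then re-hash the digest until the criteria hold.

    Returns (constant, rounds) so a third party can replay the exact chain.
    """
    digest = hashlib.sha256(seed).digest()
    for rounds in range(1, max_rounds + 1):
        candidate = int.from_bytes(digest, "big")
        if meets_criteria(candidate):
            return candidate, rounds
        digest = hashlib.sha256(digest).digest()
    raise RuntimeError("no candidate met the criteria")


def verify(seed: bytes, constant: int, rounds: int) -> bool:
    """Replay the chain; the published value must be the FIRST candidate
    that passes, which leaves the designer no choice among later ones."""
    return derive_constant(seed) == (constant, rounds)


if __name__ == "__main__":
    constant, rounds = derive_constant(SEED)
    print(f"rounds={rounds} constant={constant:#066x}")
    print("verifies:", verify(SEED, constant, rounds))
```

The criteria and the seed source have to be published before the event takes place; otherwise the freedom to pick criteria after the fact replaces the freedom to pick the number.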



