← Back
NVIDIA
NVIDIA launches OpenShell runtime for safer autonomous AI agents with out-of-process policy enforcement
· releasefeatureopen-sourcesecurityplatform · developer.nvidia.com ↗

NVIDIA OpenShell: Bridging Safety and Autonomy for AI Agents

NVIDIA announced OpenShell, an open-source runtime and part of the NVIDIA Agent Toolkit, designed to safely deploy autonomous, self-evolving AI agents known as "claws." The solution combines NVIDIA's Nemotron models with built-in policy enforcement to give developers control over agent behavior while maintaining productivity gains from long-running autonomous systems.

The Problem: Security at Scale

Traditional agent runtimes lack critical security primitives. Long-running agents with persistent shell access, live credentials, and the ability to rewrite their own tooling create substantial threat models—every prompt injection risks credential leaks, every third-party skill is an unreviewed binary, and every spawned subagent inherits unintended permissions. Developers face a trilemma: achieve safety and autonomy but lose capability, or gain capability and autonomy but sacrifice security.

How OpenShell Works

OpenShell's core architectural innovation is out-of-process policy enforcement. Rather than relying on behavioral prompts or guardrails inside the agent itself, constraints are enforced by the runtime environment—meaning the agent cannot override them, even if compromised. This mirrors the browser tab model applied to agents:

  • Session isolation: Each agent runs in an isolated sandbox
  • Permission verification: The runtime verifies permissions before executing any action
  • Granular oversight: Fine-grained control over filesystem, network, and process-layer access
  • Skill verification: Third-party skills are reviewed before execution

Getting Started

OpenShell runs unmodified agents from major providers (OpenClaw, Claude Code, OpenAI's Codex) with a single command:

openshell sandbox create --remote spark --from openclaw

No code changes required. The runtime is Apache 2.0 open source and available as part of NVIDIA's broader Agent Toolkit, which also includes models, tools, evaluation frameworks, and deployment infrastructure for production-ready agents.

Deployment Scope

OpenShell supports deployment across NVIDIA DGX Spark, DGX Station, RTX PCs, and on-premises infrastructure, enabling enterprises to run long-running agents with continuous skill development while maintaining strict privacy and security controls.