NVIDIA OpenShell: Security for Autonomous Agents
NVIDIA has released OpenShell, a core component of the NVIDIA Agent Toolkit, designed to address the security challenges posed by long-running, autonomous AI agents. The open-source runtime (Apache 2.0 licensed) enables developers to deploy self-evolving agents more safely across cloud, on-premises, NVIDIA RTX PCs, and DGX Spark infrastructure.
The Problem with Autonomous Agents
Traditional AI agent runtimes lack the security primitives needed for production deployment. Autonomous agents that can spawn subagents, write their own code, maintain persistent context, and execute indefinitely introduce a significant attack surface, ranging from prompt injection attacks that could leak credentials, to third-party skills with unreviewed filesystem access. The key challenge: existing approaches can only reliably achieve two of the three requirements (safety, capability, and autonomy) at the same time, not all three.
How OpenShell Works
OpenShell's core innovation is out-of-process policy enforcement. Rather than relying on behavioral prompts or guardrails inside the agent itself, the runtime enforces constraints at the environment level, so they cannot be overridden from inside the agent even if the agent is compromised. Key features include:
- Sandboxed execution: Isolated execution environments for agent operations
- Fine-grained permissions: Granular control over what agents can see, access, and do
- Privacy routing: Management of data flow and inference routing
- Universal compatibility: Works with OpenClaw, Anthropic's Claude Code, OpenAI's Codex, and other agents unmodified
Getting Started
Deployment requires a single command with zero code changes:
openshell sandbox create --remote spark --from openclaw
This integrates OpenShell with NVIDIA's broader Agent Toolkit, which includes pre-built models (like NVIDIA Nemotron), tools, evaluation frameworks, and runtimes for building production-ready agents.
Part of NemoClaw Stack
OpenShell is part of NemoClaw, NVIDIA's open-source stack announced at GTC 2026 for running always-on AI agents with policy-based privacy and security guardrails. Together, these tools enable organizations to scale agent deployment from single developer PCs to enterprise GPU clusters while maintaining security and data privacy.