NVIDIA
NVIDIA releases OpenShell, an open-source runtime for safer autonomous AI agents
release · feature · open-source · security · platform · developer.nvidia.com

NVIDIA Releases OpenShell for Safer Agent Deployment

NVIDIA introduced OpenShell, an open-source runtime designed to safely deploy long-running, autonomous AI agents. The runtime is part of the broader NVIDIA Agent Toolkit and works alongside the NemoClaw open-source stack, which simplifies agent deployment with policy-based privacy and security guardrails.

The Agent Safety Challenge

Autonomous agents—called "claws"—present a new security challenge. Unlike stateless chatbots, these agents maintain persistent context across sessions, spawn subagents, write their own code, access live credentials, and run continuously against internal APIs. This creates a fundamentally different threat model where every prompt injection could leak credentials and every third-party skill represents an unreviewed binary with filesystem access.

Current agent runtimes lack core security primitives like sandboxing, permissions, and isolation. NVIDIA identified that reliably achieving three goals simultaneously—safety, capability, and autonomy—was impossible with existing approaches. The key insight: guardrails living inside the same process they're supposed to protect represent a critical failure mode.

How OpenShell Works

OpenShell uses out-of-process policy enforcement to solve this problem. Rather than relying on behavioral prompts inside the agent, it enforces constraints at the environment level that the agent cannot override, even if compromised. This is analogous to browser tab isolation applied to AI agents.

Key features:

  • Isolated sandboxes specifically designed for long-running, self-evolving agents
  • Session isolation preventing agents from escaping their execution context
  • Runtime permission verification before any action executes
  • Granular access controls across filesystem, network, and process layers
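
An added sketch of the out-of-process idea described above (not OpenShell code and not from NVIDIA): the agent runs in a child process, its in-process guard gets overwritten, and a broker in the parent process still decides each request. The policy format, `broker_allows`, `run_agent` and every target name are hypothetical and constructed for illustration.

```python
import json, posixpath, subprocess, sys

# Hypothetical allow-list; OpenShell's real policy format is not shown on the page.
POLICY = {"read": ("/workspace/",), "connect": ("api.internal.example",)}

# Constructed "agent": its in-process guard is overwritten, as injected code could do.
AGENT = r'''
import json
def guard(action, target):            # in-process guardrail
    return action == "read" and target.startswith("/workspace/")
guard = lambda action, target: True   # simulated compromise: guard replaced
for action, target in [("read", "/workspace/notes.txt"),
                       ("read", "/workspace/../etc/shadow"),
                       ("connect", "exfil.example.net")]:
    print(json.dumps({"action": action, "target": target,
                      "agent_says": guard(action, target)}))
'''

def broker_allows(action, target):
    """Decision made in the parent process; the agent cannot patch this function."""
    if action == "read":
        path = posixpath.normpath(target)          # collapse ../ before matching
        return any(path.startswith(p) for p in POLICY["read"])
    if action == "connect":
        return target in POLICY["connect"]
    return False                                   # default deny for unknown actions

def run_agent():
    """Run the agent in a separate process and judge each request it emits."""
    out = subprocess.run([sys.executable, "-c", AGENT], capture_output=True,
                         text=True, check=True, timeout=30).stdout
    results = []
    for line in out.splitlines():
        req = json.loads(line)
        results.append((req["target"], req["agent_says"],
                        broker_allows(req["action"], req["target"])))
    return results

if __name__ == "__main__":
    for target, agent_says, broker_says in run_agent():
        print(f"{target:28} agent guard={agent_says!s:5} broker={broker_says}")
```

In this sketch the agent reports its requests voluntarily; a real sandbox has to intercept them at the filesystem, network and process layers so the agent has no unbrokered path.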

Getting Started

Developers can deploy agents with a single command:

openshell sandbox create --remote spark --from openclaw

No code changes are required: OpenShell runs unmodified agents such as OpenClaw, Claude Code, or other compatible systems inside secure sandboxes. The runtime is released under the Apache 2.0 open-source license and works across NVIDIA DGX Spark, DGX Station, RTX PCs, and on-premises deployments.

Part of the Broader Agent Toolkit

OpenShell complements NVIDIA's full Agent Toolkit, which provides models (Nemotron), tools, evaluation frameworks, and runtimes for building production-ready agents that can plan tasks, access enterprise data, and operate as dependable services.