NVIDIA

NVIDIA Launches OpenShell Runtime to Securely Control Autonomous AI Agents


Executive Summary

NVIDIA has announced OpenShell, an open-source, secure-by-design runtime for deploying and managing autonomous AI agents. Part of the NVIDIA Agent Toolkit, OpenShell isolates each agent in a sandbox and enforces security policies at the infrastructure level, rather than relying on application-level or prompt-based controls. This approach is designed to prevent agents from overriding policies or leaking sensitive data, enabling enterprises to safely scale the use of autonomous systems.

Key Takeaways

* Product: NVIDIA OpenShell is an open-source runtime for securing autonomous agents.

* Core Function: It separates agent operations from policy enforcement by running each agent in an isolated sandbox, applying security rules at the system level. This is described as a "browser tab" model for agents.

* Security Model: Policies are enforced on the agent's environment, making them impossible for a compromised agent to override. This provides a unified policy layer across all agents.

* Reference Stack: NVIDIA is also releasing NemoClaw, an open-source reference implementation that simplifies deploying agents using OpenShell and NVIDIA Nemotron models.

* Ecosystem: NVIDIA is collaborating with security partners, including Cisco, CrowdStrike, Google Cloud, and Microsoft Security, to align policy management for agents.

* Availability: OpenShell and NemoClaw are now available in early preview on GitHub and NVIDIA Brev.

Strategic Importance

This announcement positions NVIDIA as a foundational provider of security and trust for the emerging autonomous agent ecosystem. By addressing enterprise-grade security concerns head-on, NVIDIA aims to accelerate the adoption of agentic AI and establish its platform as a critical component for safe deployment.

Original article