NVIDIA OpenShell Introduces Secure Runtime for Autonomous AI Agents

Autonomous AI agents are rapidly transforming how we interact with technology, moving beyond simple responses to actively taking action, using tools, and even writing code. But with this incredible power comes a crucial question: how do we ensure these self-evolving agents operate securely and responsibly? NVIDIA is tackling this head-on with the introduction of NVIDIA OpenShell.

What is NVIDIA OpenShell?

NVIDIA OpenShell is an innovative open-source, secure-by-design runtime specifically engineered for autonomous AI agents. Part of the NVIDIA Agent Toolkit, its core function is to provide a robust, trusted infrastructure policy layer for controlling these agents. Unlike traditional security measures applied at the application layer, OpenShell enforces security at the system level.

How does it work? OpenShell isolates each AI agent within its own dedicated sandbox. This ingenious mechanism prevents agents from overriding established policies, leaking sensitive credentials, or compromising private data, even if the agent itself were to be compromised. This ensures that security policies remain out of reach of the agent, creating a fundamental layer of trust and control. You can learn more about the project at the NVIDIA OpenShell Project page.

Why Secure AI Agents Matter for Enterprises

The proliferation of autonomous agents in enterprise environments presents both immense opportunities and significant security challenges. As agents continuously improve and evolve, the risk of application-layer vulnerabilities grows exponentially. Enterprises need a unified approach to define and enforce policies across diverse agentic workflows and host operating systems to ensure compliance and maintain operational oversight.

OpenShell is designed precisely for this need, offering enterprises a single, unified policy layer. NVIDIA is also collaborating with leading security partners, including Cisco, CrowdStrike, Google Cloud, Microsoft Security, and TrendAI, to align runtime policy management and enforcement for agents across the entire enterprise stack. For those looking to build their own secure, self-evolving personal AI agents, NVIDIA provides NVIDIA NemoClaw. This open-source reference stack bundles always-on assistants with the OpenShell runtime and powerful NVIDIA Nemotron Foundation Models, offering customizable policy-based privacy and security guardrails.

Getting Started and Availability

NVIDIA OpenShell and NemoClaw are designed for flexible deployment, enabling secure operation of self-evolving agents in various environments. This includes cloud platforms, on-premises data centers, and personal computers, from NVIDIA GeForce RTX PCs and laptops to NVIDIA RTX PRO workstations, NVIDIA DGX Station, and even NVIDIA DGX Spark AI supercomputers. Both OpenShell and NemoClaw are currently available in early preview, allowing developers and enterprises to start experimenting with secure agentic workflows today.

Ready to dive in? You can access NVIDIA OpenShell as an open-source project directly from its OpenShell GitHub Repository. Alternatively, for a quicker start, you can launch a ready-to-use environment on NVIDIA Brev. NVIDIA is committed to building in the open with the community and its partners to help enterprises confidently scale autonomous agents while adhering to global security standards.