NVIDIA OpenShell is an open-source, secure-by-design runtime that protects enterprise infrastructure from the actions of autonomous agents by enforcing policy at the infrastructure layer. Rather than constraining the model or the application, OpenShell runs each agent in an isolated sandbox where resource usage is capped, file access is limited to an allow-list of paths, network activity is regulated, and credentials are held by a privacy router rather than by the agent. This is more robust than model-layer guardrails because the checks happen outside the model: a prompt-injected or misbehaving LLM, or a bug in application code, cannot reason or argue its way past a policy the runtime enforces on every operation.
OpenShell's security architecture works as follows. Agents execute inside isolated processes with restricted permissions. Every operation that leaves the sandbox (file access, network calls, invocation of external services) is intercepted by the runtime, which checks the agent's permissions against YAML-defined policies before the operation is allowed to proceed. Because the policies are declarative and version-controlled, the effective security configuration of an agent can be reviewed, diffed and audited like any other code, which is what governance and change-control processes need. Enforcement is out of process: the policy layer is independent of the agent, the model and the application, so the same rules apply uniformly no matter which of them is misbehaving.
In multi-tenant deployments, each agent runs in its own sandbox with independent resource quotas and permission scopes. Secrets and credentials are managed by the privacy router, so one agent cannot reach another agent's authenticated connections or sensitive data. NVIDIA is collaborating with enterprise security partners including Cisco, CrowdStrike, Google Cloud, Microsoft Security, and TrendAI to align runtime policy management across enterprise stacks. For knowledge access, agents query vector databases such as Zilliz Cloud over authenticated connections that OpenShell manages, so the agent uses a connection the runtime has already authenticated rather than holding the database credentials itself, and enterprise data stays behind the policy boundary.
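To make the two preceding paragraphs concrete, here is an added example of the enforcement pattern they describe: a default-deny policy check that sits outside the agent, matches intercepted file and network operations against a declarative allow-list, and a tenant-scoped credential lookup in the style of the privacy router. This is illustrative code written for this page, not OpenShell's own code or API. The policy schema, the operation names (fs.read, fs.write, net.connect), the hosts and paths, and the SECRETS store are all constructed assumptions; the policy is shown as the Python dict a YAML document of that shape would deserialize to, so the example runs without a YAML library.

```python
"""Added example: a minimal out-of-process policy enforcer in the style the text
describes. The policy schema, operation names and secret store are constructed
for illustration and are NOT OpenShell's real format or API."""
import fnmatch
import os
from urllib.parse import urlsplit

# Hypothetical per-agent policy, written as the dict a YAML document of this
# shape would deserialize to (constructed; not OpenShell's schema).
POLICY = {
    "filesystem": {
        "read":  ["/workspace/**", "/etc/ssl/certs/*"],  # ** = whole subtree, * = one level
        "write": ["/workspace/out/**"],
    },
    "network": {
        "egress": ["api.example.com:443", "*.vectordb.example:443"],
    },
}

# Hypothetical credential store keyed by tenant. It lives on the enforcer side;
# the agent never reads it directly.
SECRETS = {
    "tenant-a": {"api.example.com": "token-for-tenant-a"},
    "tenant-b": {"api.example.com": "token-for-tenant-b"},
}


def canonical(path: str) -> str:
    """Collapse '.' and '..' before matching, so '/workspace/../etc/passwd' is
    judged as '/etc/passwd'. A real enforcer must also resolve symlinks at
    open() time relative to the sandbox root (e.g. openat2 with RESOLVE_BENEATH)
    to avoid a check-then-open race."""
    if not os.path.isabs(path):
        return ""  # relative paths depend on the agent's cwd; reject outright
    return os.path.normpath(path)


def path_allowed(path: str, patterns) -> bool:
    path = canonical(path)
    if not path:
        return False
    for pat in patterns:
        if pat.endswith("/**"):
            root = pat[:-3]
            if path == root or path.startswith(root + "/"):
                return True
        elif os.path.dirname(path) == os.path.dirname(pat) and fnmatch.fnmatchcase(
                os.path.basename(path), os.path.basename(pat)):
            return True  # single-level glob: bare fnmatch would let '*' cross '/'
    return False


def host_allowed(hostport: str, patterns) -> bool:
    """Match 'host:port' against exact entries or '*.suffix' wildcards.
    The component doing this check must also be the one resolving the name
    and validating TLS, or the agent could point the name at another address."""
    host, _, port = hostport.rpartition(":")
    if not host or not port.isdigit():
        return False
    host = host.lower().rstrip(".")
    for pat in patterns:
        phost, _, pport = pat.rpartition(":")
        if pport != port:
            continue
        if phost.startswith("*."):
            if host.endswith(phost[1:]):
                return True
        elif host == phost:
            return True
    return False


def authorize(op: str, target: str, policy=POLICY) -> bool:
    """Default-deny dispatch for every intercepted operation."""
    if op == "fs.read":
        return path_allowed(target, policy["filesystem"]["read"])
    if op == "fs.write":
        return path_allowed(target, policy["filesystem"]["write"])
    if op == "net.connect":
        return host_allowed(target, policy["network"]["egress"])
    return False  # unknown operation: deny, never fall through to allow


def route_request(tenant: str, url: str, policy=POLICY):
    """Privacy-router style credential injection: the agent supplies only a URL
    and its tenant identity; the router checks egress policy, then attaches that
    tenant's own secret. Returns the outbound headers the router would send
    (returned here so the example can be checked; in a real router they never
    cross the sandbox boundary), or None if the request is refused."""
    parts = urlsplit(url)
    port = parts.port or (443 if parts.scheme == "https" else 80)
    hostport = f"{parts.hostname}:{port}"
    if parts.scheme != "https" or not host_allowed(hostport, policy["network"]["egress"]):
        return None
    token = SECRETS.get(tenant, {}).get(parts.hostname)
    if token is None:
        return None  # no credential for this tenant and host: refuse, do not fall back
    return {"Host": parts.hostname, "Authorization": f"Bearer {token}"}
```

The two details worth copying from this example are path canonicalisation before matching (without it, "/workspace/../etc/passwd" satisfies a "/workspace/**" rule) and the default-deny branch for operations the policy does not name. The credential lookup is keyed by the tenant identity the runtime attaches to the sandbox, not by anything the agent can supply, which is what keeps tenant-b's token out of tenant-a's reach.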
