What is OpenShell — Secure Agent Runtime by NVIDIA?

A safe and private runtime environment for autonomous AI agents developed by NVIDIA. OpenShell provides isolated execution contexts where agents can operate with controlled access to system resources.

Is OpenShell — Secure Agent Runtime by NVIDIA free to use?

Yes. OpenShell — Secure Agent Runtime by NVIDIA is freely available on TokRepo. Check the Source & Thanks section on the asset page for the specific open-source license.

How do I install OpenShell — Secure Agent Runtime by NVIDIA?

Visit the asset page on TokRepo and click "Copy for agent" to get the installation instructions. Most assets can be installed with a single command.

OpenShell — Secure Agent Runtime by NVIDIA

Introduction

OpenShell is an open-source agent runtime from NVIDIA that provides a secure, private execution environment for autonomous AI agents. It allows agents to run shell commands, read and write files, and interact with tools while maintaining strict isolation boundaries to prevent unintended side effects.

What OpenShell Does

Creates isolated execution environments for AI agents to run safely
Controls agent access to file systems, networks, and processes via policies
Provides a standard interface for agents to execute shell commands securely
Supports audit logging of all agent actions for review and debugging
Runs locally with no data leaving the host machine

Architecture Overview

OpenShell is built in Rust and uses Linux namespaces and seccomp filters to create lightweight sandboxes for agent execution. Each agent session gets its own isolated environment with a controlled view of the file system. A policy engine evaluates each agent action against the configured rules before execution. The system produces a full audit trail of all commands and file modifications.

Self-Hosting & Configuration

Build from source with the Rust toolchain on Linux
Define security policies in a TOML configuration file
Specify allowed directories, commands, and network access per agent
Configure audit log output location and verbosity
Supports running multiple isolated agent sessions concurrently

Key Features

Linux namespace-based isolation for lightweight, fast sandboxes
Fine-grained policy engine controlling file, network, and process access
Full audit trail of every agent action for accountability
Developed and maintained by NVIDIA
No external dependencies beyond the Linux kernel

Comparison with Similar Tools

E2B — cloud-hosted sandboxes; OpenShell runs on your own Linux machine
IronClaw — uses WebAssembly sandboxing; OpenShell uses Linux namespaces
Docker — container-level isolation; OpenShell is lighter and agent-aware
CubeSandbox — similar scope from Tencent; OpenShell leverages NVIDIA's agent research

FAQ

Q: Does it require NVIDIA GPUs? A: No. OpenShell is a CPU-based runtime. It does not require NVIDIA hardware despite being developed by NVIDIA.

Q: Which operating systems are supported? A: Linux only, as it relies on Linux namespaces and seccomp for isolation.

Q: Can it run multiple agents simultaneously? A: Yes. Each agent session runs in its own isolated namespace with independent policies.

Q: Is it production-ready? A: OpenShell is under active development. Review the issue tracker for known limitations before deploying in production.

Sources

https://github.com/NVIDIA/OpenShell

OpenShell — Secure Agent Runtime by NVIDIA

This asset can be read and installed directly by agents

Introduction

What OpenShell Does

Architecture Overview

Self-Hosting & Configuration

Key Features

Comparison with Similar Tools

FAQ

Sources

Discussion

Related Assets

IronClaw — Privacy-First Agent Operating System

CubeSandbox — Lightweight AI Agent Sandbox by Tencent

Deno — Secure Runtime for AI Agent Scripts

IronCurtain — Secure Runtime for AI Agents