Agents
NVIDIA Open-Sources OpenShell: Apache 2.0 Agent Sandbox Runtime with Kernel-Level Isolation and Declarative YAML Security Policies
NVIDIA released OpenShell as open source (Apache 2.0), a runtime that enforces security policy at the execution layer without modifying agent code. Each agent runs in its own container with policy-enforced egress routing; security constraints are applied at the system level so agents cannot override policies or leak credentials even if compromised. Policies are declarative YAML controlling filesystem access, network, process execution, and inference calls. ServiceNow is the first major adopter.
Source
↳ Follow the thread