github.com/cadieuxpaquinr/OpenShell ↗

About cadieuxpaquinr/OpenShell

OpenShell is NVIDIA's runtime environment designed to safely execute autonomous AI agents in isolated, policy-controlled sandboxes. The project provides sandboxed execution environments that protect user data, credentials, and infrastructure through declarative YAML policies that govern file access, prevent data exfiltration, and control network activity. Built agent-first, OpenShell ships with skills for tasks ranging from cluster debugging to policy generation and encourages contributors to use agents as their primary development tool.

The runtime architecture runs a K3s Kubernetes cluster inside a single Docker container, requiring no separate Kubernetes installation. Each sandbox operates in isolation with policy-enforced egress routing coordinated by a lightweight gateway. The system applies defense in depth across four domains: filesystem policies that lock at sandbox creation, network policies that can be hot-reloaded at runtime, process policies that prevent privilege escalation and dangerous syscalls, and inference routing that manages API calls through controlled backends. Credentials are managed as named provider bundles and injected as environment variables rather than stored in the sandbox filesystem.

OpenShell currently supports major AI agents including Claude Code, OpenCode, GitHub Copilot CLI, and Codex out of the box, with additional options available from the community catalog. The project includes a real-time terminal dashboard for monitoring gateways, sandboxes, and providers, and offers experimental GPU passthrough support for local inference and GPU workloads. While still in alpha as single-player mode proof-of-concept, the tool is production-built with extensive documentation, agent-assisted debugging skills, and a security-first design that emphasizes protecting sensitive data during autonomous agent execution.