As enterprise AI agents begin to move from laboratories into core business systems, preventing agents from going rogue, or leaking data because of prompt injection, has become the most troubling issue for developers.

On March 17, NVIDIA and Cisco jointly introduced a powerful solution: officially open-sourcing the AI agent runtime OpenShell. This system aims to build a "firewall" for long-running AI agents, allowing enterprises to precisely control every action of AI while achieving large-scale automation deployment.

The core design of OpenShell is strict: it gives each AI agent its own isolated "sandbox" environment. Inside that environment the agent has no permissions by default. All external access, every tool call, and even the redaction of sensitive data before it is sent to cloud models must pass through fine-grained policy authorization.

Complementing this is Cisco's AI Defense security platform. If OpenShell defines what an agent "can do," then AI Defense verifies what the agent "actually does." It continuously records the agent's reasoning steps and decisions, and ensures that every skill call undergoes supply chain security review.

This layered security architecture is highly effective in practical scenarios. For example, when a company faces a new zero-day vulnerability attack:

1. Internal AI agents automatically parse the security bulletins and locate the affected devices using network knowledge graphs.

2. The entire analysis and repair process runs inside the OpenShell sandbox.

3. If, during the repair process, the agent encounters injected malicious instructions that attempt to steal sensitive configurations, the AI Defense gateway blocks the abnormal request immediately.
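The deny-by-default gate described in the scenario above, as an added illustration that is not OpenShell's or AI Defense's own code or policy format. The policy table, agent name, tool names and hosts are all constructed; the last two planned actions stand in for instructions injected by a poisoned bulletin.

```python
from dataclasses import dataclass, field

# Constructed deny-by-default policy: any tool not listed for an agent is refused,
# and a listed tool may further be restricted to an allow-list of hosts.
POLICY = {
    "security-analyst": {
        "fetch_bulletin": {"allowed_hosts": {"advisories.example.test"}},
        "query_asset_graph": {},
        "apply_patch": {"allowed_hosts": {"inventory.example.test"}},
    }
}


@dataclass
class AuditLog:
    """Records every authorization decision so the agent's actions can be reviewed."""
    entries: list = field(default_factory=list)

    def record(self, agent, tool, args, decision, reason):
        self.entries.append({"agent": agent, "tool": tool, "args": dict(args),
                             "decision": decision, "reason": reason})


def authorize(agent, tool, args, log):
    """True only if the policy explicitly grants `tool` to `agent` and any host
    constraint on that grant is satisfied; everything else is denied and logged."""
    grants = POLICY.get(agent, {})
    if tool not in grants:
        log.record(agent, tool, args, "deny", "tool not granted by policy")
        return False
    hosts = grants[tool].get("allowed_hosts")
    if hosts is not None and args.get("host") not in hosts:
        log.record(agent, tool, args, "deny", "host not on allow-list")
        return False
    log.record(agent, tool, args, "allow", "explicit policy grant")
    return True


def run_scenario():
    """Constructed action plan for the zero-day scenario. The read of device
    configuration and the patch request to an unexpected host are the injected steps."""
    log = AuditLog()
    planned = [
        ("fetch_bulletin", {"host": "advisories.example.test"}),
        ("query_asset_graph", {"bulletin_id": "bulletin-placeholder"}),
        ("read_config", {"device": "core-router-1"}),
        ("apply_patch", {"host": "attacker.example.test"}),
    ]
    decisions = [authorize("security-analyst", tool, args, log) for tool, args in planned]
    return decisions, log.entries
```

Every decision, allowed or denied, lands in the audit log, which is what lets a reviewer reconstruct afterwards which injected step was stopped and why.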

NVIDIA stated that this architecture aims to end the "black box" state of AI. With security verification at the infrastructure level, enterprises can let AI agents take over more complex automation processes without worrying about losing control of system security. With the open-source release of OpenShell, the large-scale deployment of enterprise AI agents has officially entered a new phase of "having rules to follow."