Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/NVIDIA/OpenShell/llms.txt

Use this file to discover all available pages before exploring further.

NVIDIA OpenShell provides sandboxed execution environments for autonomous AI agents. Agents run with exactly the permissions they need and nothing more, governed by declarative YAML policies that prevent unauthorized file access, data exfiltration, and uncontrolled network activity.

Quickstart

Install the CLI and create your first sandboxed agent in two commands.

How It Works

Understand the gateway, sandbox, policy engine, and privacy router.

Sandbox Policies

Declare filesystem, network, process, and inference constraints in YAML.

CLI Reference

Full reference for every command, subcommand, and flag.

Get running in two commands

1

Install OpenShell

curl -LsSf https://raw.githubusercontent.com/NVIDIA/OpenShell/main/install.sh | sh
Or install via PyPI with uv:
uv tool install -U openshell
2

Create a sandbox and launch an agent

openshell sandbox create -- claude
A gateway is provisioned automatically on first use. The sandbox starts with minimal outbound access — controlled by policy.
3

Apply a network policy

openshell policy set my-sandbox --policy policy.yaml
Policies are hot-reloadable. No sandbox restart required.

Protection layers

OpenShell applies defense in depth across four policy domains:
LayerWhat it protectsWhen it applies
FilesystemPrevents reads/writes outside allowed pathsLocked at sandbox creation
NetworkBlocks unauthorized outbound connectionsHot-reloadable at runtime
ProcessBlocks privilege escalation and dangerous syscallsLocked at sandbox creation
InferenceReroutes model API calls to controlled backendsHot-reloadable at runtime

Explore by topic

Gateways & Sandboxes

Deploy gateways locally, on a remote host, or behind a cloud proxy.

Providers

Manage agent credentials — injected at runtime, never written to disk.

Inference Routing

Keep inference traffic private by routing to local or self-hosted backends.

Supported Agents

Claude Code, OpenCode, Codex, Copilot, and more work out of the box.

Community Sandboxes

Use pre-built sandbox images or bring your own container.

Tutorials

Hands-on walkthroughs from first sandbox to custom policies.
OpenShell is alpha software — single-player mode. One developer, one environment, one gateway. Multi-tenant enterprise deployments are on the roadmap. Expect rough edges.

Build docs developers (and LLMs) love

Get started for freeTalk to us