NVIDIA ships infra security for agents
NVIDIA announced an infrastructure-level security model for autonomous AI runtimes that bundles runtime policy enforcement, threat detection, and identity brokering for agents — shifting security left into the agent runtime. The move signals vendors treating agents more like first-class runtime entities with attestation and audit trails rather than just model endpoints. (dig.watch)
NVIDIA announced the NemoClaw stack at GTC on March 16, 2026 and said the package can install Nemotron models plus the new OpenShell runtime with a single command for OpenClaw users. (investor.nvidia.com) OpenShell was released as open source under the Apache License 2.0 and is published on NVIDIA's GitHub as the sandboxed runtime for autonomous agents. (docs.nvidia.com)
The runtime enforces kernel-level isolation using Linux primitives (Landlock filesystem policies, seccomp syscall filters and network namespaces) combined with an OPA/Rego policy engine that evaluates declarative YAML permissions per sandboxed agent. (docs.nvidia.com) OpenShell's gateway serves as the control plane: it provisions and monitors sandboxes, stores provider credentials for model/back-end access, and supports browser-based SSO and edge JWT authentication flows for gateway pairing. (docs.nvidia.com)
NemoClaw/OpenShell record detailed audit logs and session metadata for post-session replay and compliance review, and NVIDIA positions attestation and its existing Attestation Suite as part of the trust chain for device and runtime integrity. (openshelldocs.com) The stack routes inference through a privacy router so enterprises can use local Nemotron models on RTX PCs, DGX Station or DGX Spark; NVIDIA lists those platforms as supported targets for NemoClaw deployments. (nemoclaw.run)
Multiple security vendors announced integrations at GTC, and market coverage labels NemoClaw/OpenShell as early-preview or alpha software, with NVIDIA and community repos warning that the stack is evolving and should be treated as preview for production evaluation. (venturebeat.com)