OpenShell releases v0.0.33, NVIDIA's AI Agent sandbox adds libkrun micro VM driver

According to Beating Monitoring, NVIDIA’s open-source AI Agent sandbox runtime OpenShell has released version v0.0.33. The project manages file access, data exfiltration, and network requests within the sandbox through YAML policies, providing secure isolation for autonomous agents running code. This release introduces a standalone computing driver based on libkrun, enhances seccomp filtering for the sandbox, and adds inference routing and process count limits.

Previously, OpenShell’s compute backend was Kubernetes, running on a K3s cluster inside a single Docker container. libkrun is a KVM-based micro VM library that starts nearly as fast as a container and offers an isolation level comparable to virtual machines. For untrusted code executed by the agent, this adds an extra kernel-level boundary compared to containers.

The project has accumulated 5.2k stars on GitHub and is licensed under Apache 2.0. The official README states that it is still in the alpha stage, currently supporting only a single developer, single environment, and single gateway in a single-player mode.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • Comment
  • Repost
  • Share
Comment
Add a comment
Add a comment
No comments
  • Pin