OpenShell + Governance Toolkit: Complete Agent Security Stack

[imran-siddique]

OpenShell + Governance Toolkit = Complete Agent Security

NVIDIA just announced OpenShell at GTC — an open-source sandboxed runtime for AI agents with policy-enforced filesystem, network, process, and inference controls.

This is a fantastic complement to the Agent Governance Toolkit.

The Walls + Brain Architecture

OpenShell provides the Walls (runtime isolation):

• Container sandboxing (Docker/K3s)
• Filesystem read/write policies
• Network egress control (L7 proxy)
• Process/syscall restrictions
• Inference routing with credential isolation

Governance Toolkit provides the Brain (governance intelligence):

• Agent identity (Ed25519 cryptographic DIDs)
• Behavioral trust scoring (5-dimension, 0-1000 scale)
• Policy engine (YAML + OPA/Rego + Cedar)
• Authority resolution (reputation-gated delegation)
• Tamper-evident Merkle audit chains
• SLOs, circuit breakers, execution rings

Neither has what the other does

OpenShell asks: Is this network call allowed by sandbox policy?
Governance Toolkit asks: Should this agent be trusted to make this call at all?

What we shipped today

• OpenShell integration guide — Full architecture, setup options, policy layering examples
• Updated OpenClaw skill (v1.1.0) — All 6 scripts updated to current AgentMesh API
• Updated sidecar deployment docs — Cross-referenced with OpenShell

Security context

Cisco found data exfiltration vulnerabilities in third-party OpenClaw skills, and prompt injection remains a real risk. OpenShell addresses the sandbox layer. The Governance Toolkit addresses the trust and policy layer. Together: defense in depth.

Full guide: docs/integrations/openshell.md

What do you think? Would you use this combination for your agent deployments?