To make the review of your request easier, please use the following template to provide all the required details and also include any other information that may be relevant.
- name: openshell
- description: Safe, sandboxed runtimes for autonomous AI agents
- snapcraft: OpenShell/snapcraft.yaml at main · NVIDIA/OpenShell · GitHub
- upstream: GitHub - NVIDIA/OpenShell: OpenShell is the safe, private runtime for autonomous AI agents. · GitHub
- upstream-relation: maintained upstream by nvidia and canonical
- interfaces:
- docker:
- request-type: auto-connection
- reasoning: openshell uses docker to create sandboxes
- log-observe:
- request-type: auto-connection
- reasoning: openshell has an internal sandbox that looks at system logs to find about outgoing connection attempts that were denied and offers users policy changes inside “openshell term”
- system-observe:
- request-type: auto-connection
- reasoning: openshell gateway uses system observe as it grants ptrace that is needed by the internal sandbox
- ssh-keys:
- request-type: auto-connection
- reasoning: “openshell sandbox connect” uses ssh-keys as it grants access to the ssh binary and also the user’s keys so that one can ssh to a sandbox created earlier
- docker: