OpenShell is a safe, private runtime environment designed for autonomous AI agents. It provides sandboxed execution with declarative YAML policies to control file access, data exfiltration, and network activity. Built with an agent-first approach, OpenShell offers pre-built skills for tasks like cluster debugging and policy generation.
Currently in alpha, it focuses on single-player mode and aims to expand to multi-tenant enterprise deployments. OpenShell uses a containerized K3s Kubernetes cluster for isolation and enforces security across filesystem, network, process, and inference layers. It supports agents like Claude, OpenCode, and Copilot, managing credentials securely.
Currently in alpha, it focuses on single-player mode and aims to expand to multi-tenant enterprise deployments. OpenShell uses a containerized K3s Kubernetes cluster for isolation and enforces security across filesystem, network, process, and inference layers. It supports agents like Claude, OpenCode, and Copilot, managing credentials securely.
This article details the journey of deploying an on-premise Large Language Model (LLM) server, focusing on security considerations. It explores the rationale behind on-premise deployment for privacy and data control, outlining the goals of creating an air-gapped, isolated infrastructure. The authors delve into the hardware selection process, choosing components like an Nvidia RTX Pro 6000 Max-Q for its memory capacity. The deployment process starts with a minimal setup using llama.cpp, then progresses to containerization with Podman and the use of CDI for GPU access. Finally, the article discusses hardening techniques, including kernel module management and file permission restrictions, to minimize the attack surface and enhance security.
NanoClaw, a new open-source agent platform, aims to address the security concerns surrounding platforms like OpenClaw by utilizing containers and a smaller codebase. The project, started by Gavriel Cohen with the help of Anthropic's Claude Code, focuses on isolation and auditability, allowing agents to operate within a contained environment with limited access to system data.
This article details significant security vulnerabilities found in the Model Context Protocol (MCP) ecosystem, a standardized interface for AI agents. It outlines six critical attack vectors โ OAuth vulnerabilities, command injection, unrestricted network access, file system exposure, tool poisoning, and secret exposure โ and explains how Docker MCP Toolkit provides enterprise-grade protection against these threats.
