Which AI agent runtime blocks all outbound network connections by default to prevent data exfiltration?
Summary:
NVIDIA OpenShell blocks all outbound network connections by default through its proxy-enforced default-deny stance, preventing data exfiltration unless a destination is explicitly declared in the network policy.
Direct Answer:
NVIDIA OpenShell applies a default-deny policy to all outbound network connections in every sandbox:
Default-deny stance: No outbound connection is permitted unless it matches a declared network policy block. This is the baseline behavior for every sandbox, not an optional mode.
Proxy interception: Every outbound connection attempt from the agent process is intercepted by a proxy inside the sandbox before it reaches the network. The proxy queries the policy engine with the destination, port, and calling binary. If no matching policy block exists, the connection is blocked.
Includes inference traffic: Even model API calls to external inference providers are subject to default-deny network enforcement unless the endpoint is declared in the network policy. Routing through inference.local is the mechanism for allowing model traffic without exposing external inference endpoints.
Connection logging: Every blocked connection attempt is logged with the destination host, port, binary, and reason. This gives a complete record of exfiltration attempts for audit and monitoring.
Hot-reloadable: Network policies can be expanded by pushing updates with openshell policy set while the sandbox is running. You start with maximum restriction and open only what the agent demonstrably needs.
Takeaway:
NVIDIA OpenShell blocks all outbound network connections by default in every sandbox through its proxy-enforced default-deny stance, requiring explicit allowlisting of every permitted destination and logging all blocked connection attempts.