NVIDIA released Agent Toolkit for secure deployment of enterprise AI agents

NVIDIA has unveiled Agent Toolkit — an open source stack for companies looking to run AI agents not in demos, but in real internal systems. At GTC 2026 in San Jose, the company demonstrated how it plans to address enterprise customers' primary concern: loss of control over data, access, and agent actions.

Why the Market Is Stalling

Enterprise clients stopped asking whether they need AI agents long ago. The question now is different: what happens when such an agent gains access to the CRM, internal documents, service desk, billing, or production processes. If a regular chatbot gives a wrong answer, that's unfortunate.

If an autonomous agent takes action on its own, an error becomes an incident, a data breach, or direct costs. This is precisely why the transition from pilots to production is moving slower than model providers promised. NVIDIA is not betting on another "smart assistant," but on an infrastructure layer designed to keep agents within defined boundaries.

The company is explicit that businesses need guardrails: access policies, network restrictions, privacy controls, and clear accountability for system actions. Until now, all of this has often been assembled manually for each specific case, which scales poorly. Agent Toolkit is positioned as an attempt to standardize this part of the market and remove the primary barrier to adoption.

What's in the Stack

The platform's key component is OpenShell, an open source runtime for autonomous agents. In NVIDIA's terminology, the agents themselves are called claws, and OpenShell ensures they operate according to company policy rather than "however they can." It enforces security, network, and privacy restrictions and should allow an agent to perform useful work without gaining excessive privileges. This is an important shift: the focus moves from the model itself to the runtime environment and behavior control.

• OpenShell — runtime environment with security policies, network and privacy restrictions
• AI-Q — blueprint for agentic search and enterprise knowledge work, built together with LangChain
• Nemotron — NVIDIA's open models for research and analytical stages within the agent pipeline
• Built-in answer evaluation — system that shows how exactly the agent arrived at its result

Within Agent Toolkit is also AI-Q — an agentic search blueprint built with LangChain. NVIDIA employs a hybrid scheme: frontier models handle orchestration, while open Nemotron models take on the research portion. According to the company, this approach can reduce request costs by more than 50% while delivering results at the level of top performers on DeepResearch Bench and DeepResearch Bench II. For enterprise, this is not a cosmetic metric: request economics is precisely what often breaks scaling after a successful pilot.

"Claude

Code and OpenClaw have initiated a turning point for agentic AI — it's moving beyond generation and reasoning into action," said Jensen Huang.

To avoid this looking purely theoretical, NVIDIA immediately tied OpenShell to the security vendor ecosystem. The company announced compatibility and partnerships with Cisco, CrowdStrike, Google, Microsoft Security, and TrendAI. The logic is straightforward: if agents are to work within corporate networks, they must integrate into existing security tools rather than asking business to build a separate world just for AI.

Who's Already Connected

NVIDIA has quickly assembled an impressive list of partners around Agent Toolkit: Adobe, Atlassian, SAP, Salesforce, ServiceNow, Siemens, Cisco, CrowdStrike, Red Hat, Box, Cohesity, Cadence, Dassault Systèmes, IQVIA, and Synopsys. This is an important signal to the market: this is not an experimental SDK for enthusiast developers, but an attempt to become the foundational layer for enterprise software. NVIDIA wants its stack to live not alongside enterprise software but beneath it — as a standard layer for agentic scenarios.

There are also more specific examples. Salesforce, together with NVIDIA, is building a reference architecture where employees use Slack as the primary interface and orchestration layer for Agentforce agents working with data from both on-premises and cloud sources. Atlassian is integrating Agent Toolkit into its Rovo strategy for Jira and Confluence. ServiceNow is developing an "autonomous workforce" of AI specialists based on this foundation. Siemens launched Fuse EDA AI Agent for automating workflows in electronics, and IQVIA has already deployed over 150 agents across internal teams and with customers, including 19 of the 20 largest pharmaceutical companies.

The toolkit is available now on build.nvidia.com and is supported on AWS, Google Cloud, Microsoft Azure, and Oracle Cloud Infrastructure.

What This Means

NVIDIA is attempting to occupy the most advantageous level of this emerging market: not just selling chips or models, but controlling the runtime, security, and economics of enterprise AI agents. If the approach with OpenShell and AI-Q truly simplifies deploying agents in production, the company has a chance to become for agentic enterprise what Kubernetes became for containers: not the only player, but the layer through which almost all serious implementations pass.