The Executive Summary Subscribe
nvidia

How Nvidia flipped the board on agentic work

How Nvidia flipped the board on agentic work
Photo by BoliviaInteligente / Unsplash

Companies buying AI today are renting a brain - albeit a frustrating one that often takes longer to do things and requires more attempts than if you did them yourself.

They probably pay a monthly fee to OpenAI, Anthropic or Google. The model feels like an investment because it has the famous name and the benchmark scores.

"Are you doing AI?"

"Oh, yes. We have Claude. We don't know what to do with it, but we've got it."

But earlier this year, Nvidia openly challenged the validity and longevity of this approach by demonstrating that the AI brain is highly interchangeable.

At its conference in March, Nvidia announced the Agent Toolkit, a software stack for running AI agents. In other words, AI-based employees that take actions on your behalf rather than just answering questions.

Nvidia is effectively saying that it doesn't matter which AI products you use to build agents, you still need an 'office' or control layer for those AI employees - and Nvidia intends to be it. They call that office OpenShell.

In the office, the agent gets a locked room so it can only reach the things you have given it. A supervisor checks every action it tries to take, whether that is opening a file, sending something over the internet or running a program. A mailroom decides which requests can be handled by cheap AI models on your own computers and which need to go out to the expensive ones like Claude or GPT, removing private information before anything leaves.

This removes a huge privacy risk for companies.

The clever bit is that the agent has no say in any of this. The rules sit outside the AI employee itself, so it cannot talk its way around them and no attacker can trick it into switching them off.

A lot of companies today put their safety rules inside the AI's instructions, which is like asking the new employee to please supervise themselves and trusting they can or will do it.

OpenShell makes the building enforce the rules instead. Whoever owns the office, owns the relationships - and you can port your AI employees straight into it.

If your AI strategy is a stack of API subscriptions, this exposes three blind spots.

Firstly, your guardrails are probably suggestions. People tend to write their safety rules into prompts, which live inside the very process they are supposed to constrain.

That is bad form and dangerous.

Ask every vendor one brutal question: where does your control point live? If the answer is "in the prompt", you have a polite request, and prompt injection attacks exist to defeat polite requests.

(Prompts are the commands you give AI.)

Secondly, you may have no one making decisions as to what data may leave your building. Today agents or rented AI is making calls as to what data it can send to its HQ.

OpenShell makes this a matter of policy, stripping personal information before prompts reach external APIs. Firms on consumer API terms, and many mid-sized companies are without knowing it, may be feeding their data into someone else's retraining.

Thirdly, this removes contractual lock-in, which is what the frontier models, such as OpenAI, Anthropic and Google rely on. The former two are betting their IPO valuations on it. As Large Language Models (LLMs like ChatGPT and Claude) become more widespread, efficient and cheap - and they are interchangeable - you would see the valuation of frontier models drop significantly.

Now I know what you're going to say. "We use Google and it keeps everything in a closed environment."

Just watch Google provide the office layer - they know this is the real frontier right now.

This office layer is the new ground to watch, because whoever runs it, runs your agents and becomes much harder to remove than the LLMs.

Think of LLMs like temp agencies and OpenShell like the work environment. I can change the agency easily and there are lots of them. There is only one head of operations who knows my company however, and I would think far more carefully before removing them - and their team of 200.

Even then, however, you would still need external vetting and audits to ensure your AI employees are not designed to do harm.

There is so much happening in this space and I think companies are falling down rabbit holes everywhere. It is the Kobayashi Maru scenario:

  • Do nothing, fall behind.
  • Pick a US LLM model, hand over your data, break the law, open yourself to legal challenges.
  • Tighten up your governance, watch productivity drop as you have no strategy.
  • Get a strategy, you're out of date and the market has changed.You need new skills too.
  • Choose a Chinese open-source model, give your data to China and spend a fortune on hardware.
  • Learn everything on one LLM model, they are now no longer as useful and you need to buy your own 'office' now and what you learned is interchangable
  • Buy an 'office' for AI agents, you still need to audit their intentions.

Best of luck with it


If your company is struggling with its AI strategy, you need is to get your leadership clued up and aligned on AI. Reach out to join my Caipability workshop so your leadership team can learn the basics and see how AI will deliver productivity for you.

In these sessions we cover: what AI really is, how to use it, how other firms and your competitors are using it - and how to build for your company and customers.

You also get your own AI OpenClaw agent.

Please message me for details.

CEOs read The Executive Summary. Do you?

The AI and growth briefing for the people in the room when the decisions get made.