At SAP Sapphire 2025, NVIDIA and SAP announced an expanded collaboration to embed security and governance into specialized AI agents operating across enterprise systems like finance, procurement, supply chain, and manufacturing. This partnership addresses a critical shift: as AI agents move from assistants to autonomous actors, they require robust boundaries, policy enforcement, and audit trails to operate reliably in production. Here are the key questions and answers about this groundbreaking alliance.
What Exactly Was Announced at SAP Sapphire?
During SAP Sapphire, NVIDIA founder Jensen Huang joined SAP CEO Christian Klein's keynote via video to reveal that SAP is embedding NVIDIA OpenShell—an open-source runtime designed for secure AI agent development—into the SAP Business AI Platform. This integration provides a security layer for all SAP AI agents, including those built in Joule Studio, SAP’s environment for creating and managing end-to-end enterprise agents. The move ensures that agents operate within isolated execution environments with policy enforcement at the filesystem and network layers, preventing damage from agent logic failures. Additionally, SAP engineers are codesigning OpenShell alongside NVIDIA, contributing back to the open-source project.
Why Does Trust Matter for Autonomous AI Agents?
The shift from AI assistants to autonomous agents changes the trust equation fundamentally. Unlike assistants that merely suggest actions, agents can touch systems of record, cross application boundaries, and operate without human review at every step. This autonomy requires clear boundaries, policy enforcement, and an audit trail before agents can be deployed in production. Without these safeguards, enterprises risk unauthorized data access, process violations, or cascading failures. The SAP-NVIDIA collaboration directly addresses this by embedding infrastructure-level containment into the runtime, ensuring agents only see and do what their roles permit, and all actions are logged for compliance.
What Is NVIDIA OpenShell and How Does It Work?
NVIDIA OpenShell is an open-source runtime for securely developing and deploying autonomous AI agents. It provides isolated execution environments that sandbox each agent, preventing it from accessing unauthorized resources. Key features include:
- Policy enforcement at the filesystem and network layers—agents cannot read or write files outside their scope or contact unapproved servers.
- Infrastructure-level containment that guards against damage when an agent’s internal logic fails or is exploited.
- Runtime hardening for production use, including identity integration and auditing hooks.
By integrating OpenShell into SAP Business AI Platform, every SAP AI agent inherits these protections, making it safe for agents to interact with systems of record like finance databases or supply chain transactions.
Why Is the Application Layer So Critical for AI Agents?
NVIDIA CEO Jensen Huang described AI as a five-layer cake: energy, chips, infrastructure, models, and applications. The application layer sits at the top, where AI creates economic value and boosts productivity for knowledge workers. SAP is a global leader in enterprise applications—running finance, procurement, supply chain, and manufacturing workflows. For agents to be effective in these domains, they must operate within policy, identity, and process controls that are native to SAP systems. That’s why SAP’s position at the core of enterprise operations is a key driver for agentic AI adoption: agents need to understand roles, permissions, data boundaries, and where inference runs. The OpenShell integration ensures this alignment.
How Are SAP and NVIDIA Collaborating on Agentic AI?
The partnership goes beyond vendor integration—both companies bring unique perspectives. NVIDIA itself is a longstanding SAP customer, running finance, supply chain, and logistics on SAP. This gives both teams shared context for what enterprise-grade governance requires in practice. SAP engineers are working alongside NVIDIA’s to further develop OpenShell’s open-source codebase, focusing contributions on:
- Runtime hardening for production workloads.
- Policy modeling that maps agent actions to enterprise policies.
- Enterprise identity integration, ensuring agents respect user roles and permissions.
- Auditing and governance hooks for compliance and traceability.
This codesign ensures that OpenShell meets the real-world needs of large enterprises deploying agentic AI at scale.
What Are the Key Enterprise Requirements for Trustworthy Agents?
For AI agents to become production-ready, enterprises require:
- Boundaries – Agents must only access data and systems they are authorized to use.
- Policy enforcement – Automated checks at runtime prevent unauthorized actions.
- Audit trails – Every action is logged for security reviews and compliance.
- Runtime containment – Even if an agent makes a mistake or is attacked, the damage is limited by infrastructure isolation.
- Identity integration – Agents inherit the permissions of the user or role that invoked them.
By addressing these needs through OpenShell, SAP and NVIDIA enable specialized agents to operate securely across finance, procurement, supply chain, and manufacturing workflows—unlocking the full potential of agentic AI at the application layer.