Docker on Jose Hernandezhttps://blog.josehernandez.dev/tags/docker/Recent content in Docker on Jose HernandezHugoen-usFri, 10 Apr 2026 00:00:00 +0000NVIDIA OpenShell: Run Your AI Agents in a Sandboxhttps://blog.josehernandez.dev/posts/run-agents-with-nvidia/Fri, 10 Apr 2026 00:00:00 +0000https://blog.josehernandez.dev/posts/run-agents-with-nvidia/<blockquote> <p><em>OpenShell is currently alpha software. APIs and behavior may change without notice.</em> Learn more about OpenShell by visiting <a href="https://github.com/NVIDIA/OpenShell">the Github Repo</a></p> </blockquote> <p>AI agents read your files, execute shell commands, install packages, and make network requests autonomously, at machine speed. Most people are running agents directly on their workstations or servers, with the same access as a privileged user and almost no audit trail.</p> <p><strong>NVIDIA&rsquo;s OpenShell</strong> is a runtime layer that sits between your agent and your infrastructure, and I think it is a step in the right direction since it addresses <strong>how agents should be run as a matter of course.</strong></p>Deploying AI Coding Agents: Ensuring a Safe Operating Environment for AI-Driven Developmenthttps://blog.josehernandez.dev/posts/ai-coding-agents-enterprise-isolation/Fri, 03 Apr 2026 00:00:00 -0600https://blog.josehernandez.dev/posts/ai-coding-agents-enterprise-isolation/<blockquote> <p><em>This post is intended as a starting point for security and architecture discussions when deploying agentic applications. Specific implementation details will vary based on existing infrastructure, compliance requirements, and risk tolerance. Engage your security team and, where regulated data is involved, legal counsel before deploying AI coding agents in production environments.</em></p> </blockquote> <h2 id="table-of-contents">Table of Contents</h2> <ol> <li><a href="#1-summary">Summary</a></li> <li><a href="#2-introduction">Introduction</a></li> <li><a href="#3-the-problem-space">The Problem Space</a></li> <li><a href="#4-key-risk-categories">Key Risk Categories</a></li> <li><a href="#5-human-in-the-loop">Human in the Loop</a></li> <li><a href="#6-isolation-strategies">Isolation Strategies</a></li> <li><a href="#7-comparative-analysis">Comparative Analysis</a></li> <li><a href="#8-recommendations">Recommendations</a></li> <li><a href="#9-conclusion">Conclusion</a></li> <li><a href="#10-glossary">Glossary</a></li> </ol> <hr> <h2 id="1-summary">1. Summary</h2> <p>AI coding agents such as OpenAI&rsquo;s Codex and Anthropic&rsquo;s Claude Code represent a new category of software tool: autonomous systems capable of reading, writing, and executing code on behalf of a developer. While the productivity gains are real and measurable, deploying these agents at scale introduces a class of risks that traditional teams and individuals are not equipped to evaluate.</p>