SecureShell is a zero-trust execution layer for LLM agents with shell access. It prevents prompt-injection-driven command execution, enforces safety policies, and provides structured feedback for self-correcting agents. Plug-and-play with LangChain, MCP, all major providers and local agent on Ollama and llama.cpp.