NanoClaw is a lightweight, secure AI assistant platform designed as an alternative to OpenClaw, focusing on simplicity, transparency, and robust container-based isolation. Its primary purpose is to enable users to run AI agents that interact with a wide variety of messaging platforms—including WhatsApp, Telegram, Slack, Discord, Gmail, and many others—while maintaining strong security boundaries and minimizing complexity. Unlike monolithic frameworks, NanoClaw is intentionally built with a small, understandable codebase, allowing users to easily review, customize, and adapt the software to their specific needs.
NanoClaw’s architecture centers on running each agent in its own Linux container, ensuring true OS-level isolation. This means agents only have access to explicitly mounted resources, and any shell commands or scripts are executed within the container, not on the host machine. The platform leverages Docker for cross-platform compatibility (macOS, Linux, Windows via WSL2), with optional support for micro-VM isolation and Apple Container on macOS. Credentials are managed securely through OneCLI’s Agent Vault, which injects authentication at request time and enforces per-agent policies and rate limits, ensuring that sensitive API keys never enter the containers.
The platform supports multi-channel messaging, allowing users to connect one or multiple messaging apps to their agents. Each channel can be linked to its own agent for privacy, or multiple channels can share an agent for unified memory and conversation continuity. The isolation model is flexible, letting users decide how channels and agents interact. Each agent group has its own workspace, memory, container, and configuration, with strict boundaries unless explicitly wired together.
NanoClaw includes features such as scheduled tasks (recurring jobs that run Claude and can message users), web access for searching and fetching content, and per-agent workspaces. The onboarding and setup process is streamlined via the nanoclaw.sh script, which installs dependencies, registers credentials, builds containers, and pairs channels. If any step fails, Claude Code is invoked to diagnose and resume setup, reflecting NanoClaw’s AI-native philosophy where the assistant helps with customization, debugging, and error recovery.
Customization is handled directly through code changes rather than configuration files, reinforcing the platform’s goal of avoiding configuration sprawl. Users can instruct Claude Code to modify behavior, add greetings, change trigger words, or implement new features, making the system highly adaptable. New channel adapters and agent providers are added as skills on dedicated branches, keeping the main codebase lean and focused on registry and infrastructure.
NanoClaw’s architecture is based on a single Node host process that orchestrates per-session agent containers. Messages are routed through an entity model, written to session-specific SQLite databases, and processed by the agent-runner inside containers. Responses are delivered back through channel adapters, with no cross-mount contention or complex IPC. The codebase is organized into clear modules for routing, delivery, session management, container running, and database handling.
Overall, NanoClaw offers a secure, customizable, and minimalistic platform for running AI agents across multiple messaging channels, emphasizing user control, container isolation, and ease of understanding. Its design philosophy prioritizes skills over features, letting users tailor their installation to their exact requirements without inheriting unnecessary complexity.
