NanoClaw
Open-source platform that runs Claude agents in isolated per-session containers, connects them to messaging channels, keeps per-agent memory and scheduled tasks, and routes credentials through a vault so keys never enter containers.
Open the source and read safety notes before installing.
Safety notes
- Agents run in OS-level container isolation (Docker or Apple Container) with explicit filesystem mounts; bash commands execute inside containers, not on the host.
- Each agent group gets its own container, isolated CLAUDE.md memory, and selective mounts, limiting what a single agent can reach.
- Scheduled tasks run Claude on a recurring basis and can message users automatically; review schedules and message permissions.
- Messaging channels are installed on demand and can send outbound messages on your behalf, so scope which channels and agents are enabled.
Privacy notes
- API keys never enter containers; outbound requests route through OneCLI's Agent Vault, which enforces per-agent policies and rate limits.
- Messages flow through inbound/outbound SQLite databases rather than shared memory, and each agent group only accesses explicitly mounted directories.
- Channels can be configured for full per-channel privacy, unified memory with separate conversations, or a single shared session; choose the mode that matches your privacy needs.
- Running Claude through the Anthropic Agent SDK sends conversation context to Anthropic's API.
Prerequisites
- macOS or Linux, or Windows via WSL2.
- Node.js 20+ and pnpm 10+.
- Docker Desktop or Engine (or Apple Container on macOS) for container isolation.
- Claude Code for skills and customization, plus Anthropic Agent SDK access.
Schema details
- Install type
- copy
- Troubleshooting
- No
- Scope
- Source repo
- Website
- https://nanoclaw.dev
- Pricing
- open-source
- Disclosure
- editorial
- Application category
- DeveloperApplication
- Operating system
- macOS, Windows, Linux
Full copyable content
git clone https://github.com/nanocoai/nanoclaw.git nanoclaw-v2
cd nanoclaw-v2
bash nanoclaw.shAbout this resource
Overview
NanoClaw is a lightweight, open-source platform for running Claude agents safely. It orchestrates per-session agent containers that receive incoming messages, run Claude through Anthropic's Agent SDK, and deliver responses back through messaging channels. It is positioned as a security-focused alternative that gives agents only the access they explicitly need.
It is released under the MIT license and is primarily TypeScript, running on Node.js with Docker (or Apple Container on macOS) for isolation and SQLite for message storage.
Features
- Per-session agent containers with OS-level isolation and selective mounts.
- Multi-channel messaging: WhatsApp, Telegram, Discord, Slack, Teams, iMessage, Matrix, Gmail, and more, installed on demand.
- Per-agent workspace with isolated CLAUDE.md memory.
- Scheduled, recurring tasks that can run Claude and message users.
- Web search and fetch from within agents.
- Credential security: API keys never enter containers, routed via a vault.
Use Cases
- Run Claude-powered assistants across messaging platforms with isolation.
- Give each agent group its own sandboxed memory and filesystem scope.
- Schedule recurring agent jobs that can notify users.
- Keep credentials out of agent containers while still calling external APIs.
Installation
Clone the repository and run the setup script:
git clone https://github.com/nanocoai/nanoclaw.git nanoclaw-v2
cd nanoclaw-v2
bash nanoclaw.sh
Disclosure
Editorial listing. No paid placement or affiliate relationship. NanoClaw is open source under the MIT license.
Source citations
Signals
Loading live community signals…
A short, calm digest of reviewed Claude resources. Unsubscribe any time.