My personal Claude assistant that runs securely in Apple containers. Lightweight and built to be understood and customized for your own needs.
Why I Built This
OpenClaw is an impressive project with a great vision. But I can't sleep well running software I don't understand with access to my life. OpenClaw has 52+ modules, 8 config management files, 45+ dependencies, and abstractions for 15 channel providers. Security is application-level (allowlists, pairing codes) rather than OS isolation. Everything runs in one Node process with shared memory.
NanoClaw gives you the same core functionality in a codebase you can understand in 8 minutes. One process. A handful of files. Agents run in actual Linux containers with filesystem isolation, not behind permission checks.
Quick Start
git clone https://github.com/gavrielc/nanoclaw.git cd nanoclaw claude
Then run /setup . Claude Code handles everything: dependencies, authentication, container setup, service configuration.
Philosophy
Small enough to understand. One process, a few source files. No microservices, no message queues, no abstraction layers. Have Claude Code walk you through it.
Secure by isolation. Agents run in Linux containers (Apple Container). They can only see what's explicitly mounted. Bash access is safe because commands run inside the container, not on your Mac.
... continue reading