NanoClaw

Your personal AI agent. Secure. Lightweight. Yours.

The official website for NanoClaw, the secure personal AI agent. NanoClaw runs securely in containers, built to be understood and customized for your own needs.

Get Started Join Discord

21.2k+ stars on GitHub

Why NanoClaw?

NanoClaw delivers the same core functionality in a codebase you can actually understand.

		OpenClaw
Source files	15	3,680
Lines of code	~3,900	434,453
Dependencies	<10	70
Config files	0	53
Time to understand	8 minutes	1–2 weeks
Security model	OS container isolation	Application-level checks
Architecture	Single process + isolated containers	Single process, shared memory

What It Supports

Everything NanoClaw supports out of the box, and nothing you don't need.

💬

Messaging Apps

WhatsApp, Telegram, and more. Message your NanoClaw agent from your phone through the apps you already use.

🔒

Container Isolation

Agents run in Apple Container (macOS) or Docker. They can only see what you explicitly mount.

🐝

Agent Swarms NEW

NanoClaw can spin up teams of specialized agents that collaborate on complex tasks. First personal AI to support this.

🧠

Per-Group Memory

Each group has its own CLAUDE.md memory, isolated filesystem, and runs in its own container sandbox.

⏰

Scheduled Tasks

Recurring jobs that run Claude and message you back. Morning briefings, weekly reviews, and more.

🧩

Skills System

Extend functionality without bloat. Add Gmail, Telegram, or custom capabilities via skills.

✨

AI-Native Setup

No installation wizards. Claude Code guides everything: dependencies, auth, containers, services.

🌐

Web Access

NanoClaw can search the web, fetch content, and browse pages to research anything.

Architecture

NanoClaw is a single Node.js process. Agents in isolated containers. 15 source files.

Message In

WhatsApp / Telegram

SQLite

store & deduplicate

Group Queue

per-group FIFO

Container

Claude Agent SDK

Response

streamed back

Single Process

One Node.js process polls for messages, manages queues, spawns containers, and handles IPC. No microservices, no message brokers.

Per-Group Isolation

Each group gets its own container, filesystem, IPC namespace, and Claude session. Groups cannot access other groups' data.

Concurrency Control

GroupQueue limits concurrent containers (default: 3). Per-group FIFO ordering with retries on failure using exponential backoff.

IPC via Filesystem

Containers communicate with the host through JSON files in per-group directories. The host polls, validates authorization, executes, and cleans up.

Key Files

index.ts — Orchestrator — polling loop, message processing, agent invocation

container-runner.ts — Spawns containers with isolated mounts, streams output

group-queue.ts — Per-group FIFO queue with concurrency limits and retry backoff

ipc.ts — Processes container IPC requests with authorization checks

db.ts — SQLite — messages, sessions, groups, tasks, router state

task-scheduler.ts — Cron, interval, and one-shot scheduled task execution

Philosophy

The principles that shape every NanoClaw decision.

🔍

Small enough to understand

NanoClaw is one process, a handful of source files. Small enough that you can read and understand the entire codebase.

🛡️

Secure by isolation

Agents run in Linux containers. They can only see what's explicitly mounted. Bash is safe because it runs inside the container.

👤

Built for one user

NanoClaw isn't a monolithic framework. It's working software that fits your exact needs. Fork it, have Claude Code make it match yours.

🤖

AI-native

No installation wizard; Claude Code guides setup. No dashboard; ask Claude. No debugging tools; describe the problem.

🧩

Skills over features

Contributors add Claude Code skills like /add-telegram that transform your installation. You end up with clean code that does exactly what you need.

⚡

Best harness, best model

Runs on Claude Agent SDK, which means you're running Claude Code directly. The harness matters. A good one gives smart models superpowers.

Get Started with NanoClaw in 3 Lines

Clone NanoClaw, enter the directory, and let Claude handle the rest.

Terminal
 $ git clone https://github.com/qwibitai/nanoclaw.git
 $ cd nanoclaw
 $ claude 

Then run /setup Claude Code handles everything: dependencies, authentication, container setup, service configuration.

Requirements

macOS or Linux Node.js 20+ Claude Code Apple Container (macOS) or Docker

In the News

FAQ

What is NanoClaw?

NanoClaw is a lightweight, open-source personal AI agent that runs on your own machine. It connects to messaging apps like WhatsApp, Telegram, Slack, Discord, and Signal, runs every agent session inside an isolated container (Docker or Apple Container), and is built around just 15 source files you can read in a single sitting. It's built on the Claude Agent SDK and designed for people who want to own and fully control their AI assistant.

How is NanoClaw different from OpenClaw?

OpenClaw is a monolithic framework with thousands of source files and dozens of dependencies. NanoClaw takes the opposite approach: ~15 source files, a single Node.js process, and real OS-level container isolation instead of application-level permission checks. If you want something you can fully audit, understand, and customize, NanoClaw is built for that.

Is NanoClaw secure?

Security is a core design principle. Every agent session runs inside an isolated Linux container with its own filesystem, IPC namespace, and process space. Agents can only access directories that are explicitly mounted, and there's no ambient access to your system. Because the entire codebase is around 3,900 lines of code across 15 files, you can realistically audit everything the software does. This combination of container-level isolation and a small, auditable codebase makes NanoClaw one of the most transparent and secure ways to run AI agents.

Do I need to know how to code to use NanoClaw?

No. NanoClaw uses an AI-native setup process where Claude Code handles installation, configuration, and ongoing changes interactively. You run the /setup skill and follow the prompts. If you want to customize behavior later, you describe what you want in plain language and Claude Code modifies the codebase for you. That said, being comfortable with a terminal and running a few commands like git clone is expected.

Is NanoClaw free?

NanoClaw itself is completely free and open source under the MIT license. However, it runs on the Claude Agent SDK, which requires a Claude API key or a Claude Code subscription. The cost depends on how much you use it. NanoClaw is designed to be lightweight in token usage, but the underlying AI usage is billed by Anthropic.

What messaging apps does NanoClaw support?

NanoClaw ships with WhatsApp support out of the box and can be extended to work with Telegram, email, and other channels through the skills system. Adding Telegram is as simple as running the /add-telegram skill, which walks you through the full setup. The architecture is designed so that messaging channels are modular, so you can run one or multiple channels side by side, each with their own configuration.

What container runtimes are supported?

NanoClaw supports both Apple Container and Docker. On macOS, Apple Container provides fast, lightweight sandboxing optimized for Apple silicon, while Docker is available as an alternative. On Linux, Docker is used automatically. During the initial /setup process, you choose which runtime to use based on your platform and preferences.

Can I run NanoClaw on Linux?

Yes. NanoClaw runs on both macOS and Linux. On Linux, Docker is used as the container runtime and is configured automatically during setup. The system requirements are Node.js 20 or later, Claude Code, and a container runtime (Docker on Linux). The /setup skill handles all dependency checks and configuration for your platform.

How do I set up and configure NanoClaw?

NanoClaw uses an AI-native setup process. After cloning the repository and running Claude Code, you run the /setup skill, which guides you through installing dependencies, authenticating your messaging channels, configuring your container runtime, and starting the background services. There are no manual configuration files to edit. Claude Code handles the entire setup interactively. For ongoing changes, you can describe what you want and Claude Code will make the modifications directly in the codebase.

How does NanoClaw compare to other AI agent frameworks?

Most AI agent frameworks are designed for teams building products. They're large, complex, and require significant investment to understand. NanoClaw is designed for individuals who want a personal AI assistant that they fully own and control. It runs as a single Node.js process, uses real container isolation rather than application-level sandboxing, and is small enough to understand completely. It runs on the Claude Agent SDK, giving you direct access to Claude's capabilities without abstraction layers.

Is NanoClaw open source?

Yes. Nano Claw is fully open source under the MIT license. The entire codebase is available on GitHub, and contributions are welcome. The project encourages forking and customization. The philosophy is that your personal AI agent should be working software tailored to your exact needs, not a generic framework you configure.