NanoClaw - lightweight alternative to OpenClaw with container isolation

Source
claude-codeai-agentscontainer-isolationself-hostingwhatsapp-bottelegram-botanthropic-sdkopenclaw

Summary

NanoClaw is a minimalist, security-first alternative to OpenClaw that runs Claude agents in isolated Linux containers (micro VMs) rather than behind application-level permission checks. It connects to WhatsApp, Telegram, Slack, Discord, and Gmail, supports scheduled tasks, and is designed to be forked and customized per user rather than configured via sprawling config files.

Key Insight

  • OpenClaw has ~500k lines of code, 53 config files, 70+ dependencies, and runs everything in a single Node.js process with shared memory. NanoClaw replaces this with a handful of files and hypervisor-level container isolation per agent.
  • Architecture: single Node.js process + SQLite + polling loop. Each agent group gets its own container with only explicitly mounted directories visible. IPC via filesystem, per-group message queues with concurrency control.
  • “Skills over features” model: instead of PRs that add capabilities to the core, contributors submit Claude Code skills (e.g. /add-telegram, /add-whatsapp) that transform the user’s fork. This keeps the base minimal while allowing full customization.
  • Setup is entirely AI-native: you run claude in the repo and type /setup. No install wizards, no dashboards, no debugging tools - you ask Claude Code to handle all of it.
  • Supports any Anthropic API-compatible endpoint (Ollama, Together AI, Fireworks) via ANTHROPIC_BASE_URL env var - not locked to Claude.
  • Currently macOS (Apple Silicon) and Windows (WSL) only. Linux Docker support coming.