Why containers instead of host-level permission checks?

[NanoClaw](https://github.com/qwibitai/nanoclaw) uses containers as the trust boundary: commands run in isolated processes and only explicitly mounted directories are visible. This is closer to OS-level least privilege than app-only allowlists.

How does the WhatsApp channel work?

It relies on the [WhatsApp](https://www.whatsapp.com/) Web ecosystem; a common approach is using libraries like [Baileys](https://github.com/WhiskeySockets/Baileys) to manage sessions and send/receive messages in a polling loop. You can swap the channel in your fork.

How do memory and scheduled jobs avoid cross-talk?

Each group has its own directory and memory file; inbound messages are queued per group with a global concurrency cap. State is persisted locally so restarts can resume per-group execution cleanly.

NanoClaw Deep Dive: Secure OpenClaw Alternative in Containers

Pain Points vs Innovation

✕Traditional Pain Points	✓Innovative Solutions
Running agents directly on the host makes it hard to be secure-by-default; a prompt mistake can touch real files and commands.	NanoClaw treats containers as the first security boundary—using Docker or Apple Container for filesystem isolation so tools run inside a controlled sandbox.
General-purpose assistants often grow into dependency-heavy systems that are difficult for one person to audit and customize.	A minimal single-process design keeps the message loop, scheduler, memory store, and container runner on the shortest path, while skills-based changes avoid bloating the core.

Deployment Guide

1. Prepare runtime (macOS/Linux, Node 20, and a container runtime)

bash

1node --version  # v20.x; docker --version  # Docker on macOS/Linux; Apple Container optional on macOS

2. Clone the repo

bash

1git clone https://github.com/qwibitai/nanoclaw.git && cd nanoclaw

3. Use Claude Code for guided setup and auth (deps + container wiring)

bash

1claude

4. Run the guided diagnostics flow

bash

1# Follow Claude Code prompts: setup / debug; verify WhatsApp connectivity and scheduler runs

Use Cases

Core Scene	Target Audience	Solution	Outcome
Security-first private WhatsApp assistant	individuals and indie builders	trigger summaries and automations via WhatsApp while tools run inside containers	self-hosted automation with a safer trust boundary
Group-isolated family/team helper	families or small teams	each group gets isolated memory and filesystem context plus scheduled briefings	long-running assistance without cross-group context leakage
Minimal, auditable ops automation agent	engineers offloading repetitive tasks	encode recurring workflows as scheduled jobs	controlled execution via readable code and container isolation

NanoClaw

What is it?

Pain Points vs Innovation

Architecture Deep Dive

Deployment Guide

1. Prepare runtime (macOS/Linux, Node 20, and a container runtime)

2. Clone the repo

3. Use Claude Code for guided setup and auth (deps + container wiring)

4. Run the guided diagnostics flow

Use Cases

Limitations & Gotchas

Frequently Asked Questions