Containers

If you’ve been running OpenClaw on your host machine and quietly wondering what happens if an agent goes sideways, NanoClaw is the answer you’ve been looking for. This guide walks you through the basics of setting up NanoClaw — the new containerized OpenClaw alternative from Gavriel Cohen — so your agents run with minimal permissions and your host system stays protected. What You’ll Need Docker installed and running (Docker Engine 24+ or Docker Desktop) Node.js 18+ (for the NanoClaw CLI) An existing OpenClaw config or familiarity with SOUL.md/USER.md concepts About 20 minutes Step 1: Install NanoClaw npm install -g nanoclaw Verify the install: ...

The Summer Yue inbox-deletion incident. The OpenClaw WebSocket zero-click vulnerability. A series of agent sandboxing failures that made headlines through late 2025 and into 2026. These weren’t edge cases — they were warnings. Gavriel Cohen, a software engineer based in Israel, has been paying attention. Today, he’s shipping an answer: NanoClaw, a containerized OpenClaw alternative that puts security architecture first, not as an afterthought. What Is NanoClaw? NanoClaw is an open-source agent platform inspired by OpenClaw — but built from the ground up to run agents inside Docker containers with minimal permissions. The design philosophy is simple: agents shouldn’t have access to more of your system than they actually need to do their jobs. ...

OpenClaw Security Crisis: Six CVEs Patched, 40K Instances Exposed, and NanoClaw Rises Today is a tough day for OpenClaw’s security reputation — and an important one for anyone running the framework. Three interconnected stories broke simultaneously, painting a picture of an ecosystem under pressure: six newly-disclosed vulnerabilities, 40,000+ publicly exposed instances, and the rapid rise of a minimalist, security-first alternative called NanoClaw. Here’s the full picture, and what you need to do right now. ...