Israeli developer Gavriel Cohen has created NanoClaw, a lightweight AI agent platform that runs each agent in isolated containers to address security concerns that plagued the popular OpenClaw platform.
A new AI agent platform called NanoClaw has emerged as a more secure alternative to the popular OpenClaw platform, addressing growing concerns about AI agents running amok and causing damage.
Security concerns drive innovation
The catalyst for NanoClaw's development was a series of security incidents with OpenClaw, including a case where an agent deleted a user's entire inbox. These incidents highlighted a fundamental problem: AI agents given broad access to systems and data can cause significant damage when they malfunction or are compromised.
Gavriel Cohen, a software engineer based in Israel, experienced these security issues firsthand while using OpenClaw for his digital marketing agency. "I started to see massive security issues with OpenClaw," Cohen explained. "I mean I just saw issue after issue after issue and we were getting a ton of value from it, but it's burning a hole in my subconscious."
Container-based isolation as the key innovation
NanoClaw's core innovation is running each AI agent in its own isolated container. This approach contrasts sharply with OpenClaw's architecture, where multiple agents and integrations share the same environment.
"With NanoClaw, each agent runs in its own container," Cohen said. "If you're connecting it to your WhatsApp, that agent doesn't see all of your WhatsApp data. It only has the group that that specific agent has been connected to and the messages from the group that it should be seeing."
This container-based approach means agents can be given broader tool access without risking system-wide damage. An agent can have full bash access and install tools within its container, but those actions are contained and don't affect the broader system.
Small codebase enables security auditing
Another distinguishing feature of NanoClaw is its compact codebase of approximately 4,000 lines of code, compared to OpenClaw's 400,000 lines. This smaller size makes the platform more auditable and manageable.
"Anybody could review it, understand it, ask Claude a few questions if you need and get the sense of what's the security model, what's the architecture, how does it work," Cohen said. This transparency addresses one of the key assumptions about open source software – that the community can review and improve the code.
Built on Claude Code and Anthropic's Agent SDK
Rather than building from scratch, Cohen leveraged Anthropic's Claude Code as the foundation for NanoClaw. This decision allowed him to focus on the orchestration layer rather than reinventing existing capabilities.
"It took me a weekend to build what's needed around Claude Code, but it very heavily uses Claude Code's capabilities and is not trying to reinvent the wheel and build things that already exist," Cohen said.
The changing landscape of AI development
The development of NanoClaw reflects broader changes in AI-assisted programming. Since late 2025, with the release of advanced models like Claude Opus 4.5, Gemini 3, and GPT-5.2, AI coding assistants have become significantly more capable.
Influential AI researcher Andrej Karpathy noted that coding agents "basically didn't work before December and basically work since" due to improvements in model quality, long-term coherence, and ability to handle complex tasks.
Business value despite security trade-offs
Despite security concerns, Cohen found significant business value in AI agents. His sales-focused agent was performing work equivalent to a human employee, and in some cases, doing it better.
"What we saw when we connected it to our sales pipeline was that it was doing the work of an employee," Cohen said. "And doing it better than an employee would."
He emphasized that the comparison isn't about perfect accuracy but rather about reliability compared to human workers. "When you work with a colleague, a teammate, an employee, they don't get everything right. Things fall through the cracks as well."
Open source future
Cohen plans to keep NanoClaw open source and continue developing it with community support. He sees potential for NanoClaw to become the orchestration layer that many businesses need for deploying AI agents securely.
"I think that what we're building can be the orchestration layer that a lot of people are talking about that you need on top of agents," Cohen said. "That right kind of abstraction nudges people towards using pre-built solid pieces instead of trying to build their own agents."
The platform aims to unlock value for businesses, including security-conscious enterprises that have been hesitant to deploy AI agents due to security concerns.
As AI agents become increasingly integrated into business workflows, solutions like NanoClaw that address security concerns while maintaining functionality may become essential infrastructure for the AI-powered workplace of the future.
Comments
Please log in or register to join the discussion