Join us

ContentUpdates and recent posts about NanoClaw..
Link
devopslinks
@devopslinks shared a link, 2 weeks, 1 day ago
FAUN.dev()

Chinese Vulnerability Database: CNVD vs CNNVD Analysis

Investigation profilesCNNVDandCNVDechoCVE. They reveal manual errors and poor machine-readability. China’s July 2021RMSVmandates 48-hour reporting and bans pre-patch disclosure. Mapping gaps exist. The databases published about1.4kentries ahead ofCVE, with lead times measured in months... read more  

Chinese Vulnerability Database: CNVD vs CNNVD Analysis
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
devopslinks
@devopslinks shared a link, 2 weeks, 1 day ago
FAUN.dev()

Building a Least-Privilege AI Agent Gateway for Infrastructure Automation with MCP, OPA, and Ephemeral Runners

Introduces anAI Agent Gateway. It mediates agent requests, validates intent, enforcespolicy-as-code, and isolates execution inephemeral runners. Agents discover tools viaMCP. They submitJSON-RPCcalls and receiveOPAdecisions. Jobs queue and run in short-lived namespaces. Each run carries plan hashes,.. read more  

Building a Least-Privilege AI Agent Gateway for Infrastructure Automation with MCP, OPA, and Ephemeral Runners
Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
devopslinks
@devopslinks shared a link, 2 weeks, 1 day ago
FAUN.dev()

Please stop externalizing your costs directly into my face

SourceHut spent20–100%of weekly time mitigating hyper‑aggressive LLM crawlers. That work caused dozens of short outages and delayed core projects. The crawlers ignorerobots.txt. They hit costly endpoints likegit blame. They scan full git logs and commits. They rotate randomUser‑Agentsand thousands o.. read more  

Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
Link
devopslinks
@devopslinks shared a link, 2 weeks, 1 day ago
FAUN.dev()

The hunt for truly zero-CVE container images

Chainguard's Factory 2.0 andDriftlessAFrebuild images from source on upstream changes. They produce 2,000+ minimalzero‑CVEimages. Each image includes anSBOMand a cryptographicsignature. Docker'sDHIbuilds onDebianandAlpine. It mirrors Debian'sno‑DSAtriage intoVEX. It also suppresses real CVEs until D.. read more  

Share: Twitter

|

Linkedin

|

Facebook

|

Pocket

|

Reddit

|

Hacker News

|

Email
 Activity
secuodsoft
@secuodsoft started using tool MySQL , 2 weeks, 3 days ago.
 Activity
secuodsoft
@secuodsoft started using tool Kubernetes , 2 weeks, 3 days ago.
 Activity
secuodsoft
@secuodsoft started using tool Jenkins , 2 weeks, 3 days ago.
 Activity
secuodsoft
@secuodsoft started using tool Docker , 2 weeks, 3 days ago.
 Activity
secuodsoft
@secuodsoft started using tool Python , 2 weeks, 3 days ago.
 Activity
secuodsoft
@secuodsoft started using tool PHP , 2 weeks, 3 days ago.
NanoClaw is an open-source personal AI agent designed to run locally on your machine while remaining small enough to fully understand and audit. Built as a lightweight alternative to larger agent frameworks, the system runs as a single Node.js process with roughly 3,900 lines of code spread across about 15 source files.

The agent integrates with messaging platforms such as WhatsApp and Telegram, allowing users to interact with their AI assistant directly through familiar chat applications. Each conversation group operates independently and maintains its own memory and execution environment.

A core design principle of NanoClaw is security through isolation. Every agent session runs inside its own container using Docker or Apple Container, ensuring that the agent can only access files and resources that are explicitly mounted. This approach relies on operating system–level sandboxing rather than application-level permission checks.

The architecture is intentionally simple: a single orchestrator process manages message queues, schedules tasks, launches containerized agents, and stores state in SQLite. Additional functionality can be added through a modular skills system, allowing users to extend capabilities without increasing the complexity of the core codebase.

By combining a minimal architecture with container-based isolation and messaging integration, NanoClaw aims to provide a transparent, customizable personal AI agent that users can run and control entirely on their own infrastructure.