NanoClaw is an open-source personal AI agent designed to run locally on your machine while remaining small enough to fully understand and audit. Built as a lightweight alternative to larger agent frameworks, the system runs as a single Node.js process with roughly 3,900 lines of code spread across about 15 source files.

The agent integrates with messaging platforms such as WhatsApp and Telegram, allowing users to interact with their AI assistant directly through familiar chat applications. Each conversation group operates independently and maintains its own memory and execution environment.

A core design principle of NanoClaw is security through isolation. Every agent session runs inside its own container using Docker or Apple Container, ensuring that the agent can only access files and resources that are explicitly mounted. This approach relies on operating system–level sandboxing rather than application-level permission checks.

The architecture is intentionally simple: a single orchestrator process manages message queues, schedules tasks, launches containerized agents, and stores state in SQLite. Additional functionality can be added through a modular skills system, allowing users to extend capabilities without increasing the complexity of the core codebase.

By combining a minimal architecture with container-based isolation and messaging integration, NanoClaw aims to provide a transparent, customizable personal AI agent that users can run and control entirely on their own infrastructure.

DevSecOps in Practice