It’s been a whirlwind for NanoClaw creator Gavriel Cohen.
About six weeks in the past, he launched NanoClaw on Hacker Information as a tiny, open supply, safe different to the AI agent-building sensation OpenClaw, after he constructed it in a weekend coding binge. That post went viral.
“I sat down on the sofa in my sweatpants,” Cohen advised TechCrunch, “and simply principally melted into [it] the entire weekend, in all probability nearly 48 hours straight.”
About three weeks in the past, an X put up praising NanoClaw from famed AI researcher Andrej Karpathy went viral.
A couple of week in the past, Cohen closed down his AI advertising and marketing startup to focus full-time on NanoClaw and launch an organization round it known as NanoCo. The eye from Hacker Information and Karpathy had translated into 22,000 stars on GitHub, 4,600 forks (individuals constructing new variations off the venture), and over 50 contributors. He’s already added a whole bunch of updates to his venture with a whole bunch extra within the queue.
Now, on Friday, Cohen announced a deal with Docker — the corporate that primarily invented the container know-how NanoClaw is constructed on, and counts tens of millions of builders and almost 80,000 enterprise clients — to combine Docker Sandboxes into NanoClaw.
Scary safety of OpenClaw
It began when Cohen launched an AI advertising and marketing startup together with his brother, Lazer Cohen, just a few months in the past. The startup supplied advertising and marketing companies like market analysis, go-to-market evaluation, and weblog posts by way of a small group of individuals utilizing AI brokers.
Techcrunch occasion
San Francisco, CA
|
October 13-15, 2026
The company began reserving clients, and was on observe to hit $1 million in annual recurring income, the brothers advised TechCrunch.
“It was going rather well, nice traction. I’m an enormous believer in that enterprise mannequin of AI-native service firms which have margins and function like a software program firm however are literally offering companies,” mentioned Cohen, a pc programmer who beforehand labored for web site internet hosting firm Wix.
He had constructed the brokers the startup was utilizing, largely utilizing Claude Code, every designed to do particular duties. However there was “a bit” lacking, he mentioned. The agent might do work when prompted, however the people couldn’t pre-schedule work, or join brokers to group communication instruments like WhatsApp and assign duties that means. (WhatsApp is to a lot of the world what Slack is to company America.)
Cohen heard about OpenClaw, the favored AI agent software whose creator now works for OpenAI. Cohen used it to construct out these closing interfaces, and beloved it.
“There was this massive aha second of: That is the piece that connects all of those separate workflows that I’ve been constructing,” he mentioned and instantly determined, “I would like extra of them: on R& D, on product, on consumer administration,” one for each process the startup needed to deal with.
However then OpenClaw scared the bejesus out of him.
In researching a hiccup with efficiency, he stumbled throughout a file the place the OpenClaw agent had downloaded all of his WhatsApp messages and saved them in plain, unencrypted textual content on his laptop. Not simply the work-related messages it was given specific entry to, however all of them, his private messages too.
OpenClaw has been broadly panned as a “security nightmare” due to the best way it accesses reminiscence and account permissions. It’s tough to restrict its entry to information on a machine as soon as it has been put in.
That difficulty will seemingly enhance over time, given the venture’s reputation, however Cohen had one other concern: the sheer dimension of OpenClaw. As he researched safety choices for it, he noticed all of the packages that had been bundled into it. It included an “obscure” open supply venture he himself had written just a few months earlier for enhancing PDFs utilizing a Google picture enhancing mannequin. He had no thought it was there — he wasn’t even actively sustaining that venture.
He realized there was no means for him to validate all OpenClaw’s code and its dependencies, which, by some estimates, sprawled across 800,000 strains of code.
So he constructed his personal in simply 500 strains of code, supposed for use for his firm, and shared it. He primarily based it on Apple’s new container tech, which creates remoted environments that stop software program from accessing any information on a machine past what it’s explicitly approved to make use of.
Going viral
At 4 a.m., a few weeks after sharing it on Hacker Information, his telephone began ringing continuous. A buddy had seen Karpathy’s put up and was urging Cohen to get up and begin tweeting, which he did, setting off a public discussion with the well-known AI researcher.
Consideration to NanoClaw adopted like a landslide. Extra tweets, YouTube reviews from programmers, and news stories. A site squatter even snagged a NanoClaw web site URL. The proper one is nanoclaw.dev.
Then Oleg Šelajev, a developer who works for Docker reached out. Šelajev noticed the excitement and modified NanoClaw to exchange Apple’s container know-how with Docker’s competing different, Sandboxes.
Cohen had no hesitation about pushing out assist for Sandboxes as a part of the primary NanoClaw venture. “That is not my very own private agent that I’m working on my Mac Mini,” he recalled pondering. “This now has a group round it. There are literally thousands of individuals utilizing it. Yeah, I mentioned, I’m going to maneuver over to the usual.”
For all of the modifications these weeks have introduced Cohen and his brother Lazer, now CEO and president of NanoCo, respectively, one space nonetheless must be found out: how NanoCo will earn money.
NanoClaw is free and open supply and, as these items go, the Cohens vow it all the time might be. They know they’d be strung up as villains in the event that they ever betrayed the open supply group by altering that. At the moment the Cohens live on a friends-and-family fundraising spherical, they mentioned.
Whereas they’re cautious about asserting their industrial plans — largely as a result of they haven’t had an opportunity to completely formulate them — VCs are already calling, they are saying.
The sport plan is to construct a totally supported industrial product with companies together with so-called forward-deployed engineers — specialists embedded immediately with consumer firms to assist them construct and handle their techniques. This may seemingly give attention to aiding firms in constructing and sustaining safe brokers. That’s, nevertheless, a crowded discipline rising extra crowded by the hour.
However given the large group of builders that NanoClaw simply unlocked with Docker, we’re positive to listen to extra about this quickly.
Pictured above from left to proper, Lazer and Gavriel Cohen.
Thanks for studying! Be a part of our group at Spectator Daily
