nanoclaw

Name: nanoclaw Review
Item: nanoclaw
Rating: 3.8
Author: Aaron Matthews

Skill Security Solid

A lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, Telegram, Slack, Discord, Gmail and other messaging apps,, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK

27,376 starsMIT (commercial OK)FreeQuick setup

Why it matters

Offers a lightweight, container-based security tool with connectivity to WhatsApp, Telegram, and other messaging platforms. Teams get messaging integrations with a reduced attack surface through containerized execution.

Best for

Security-conscious teams who need messaging platform integrations with a lightweight, container-isolated solution.

Works in

Claude Code Claude Cowork Claude Chat

Source

https://github.com/qwibitai/nanoclaw

By qwibitai

How to Get It

Option 1: Claude Desktop App (Code Mode)Click the + button next to the prompt box → Plugins → Add plugin. Search and click Install. Skills work in Claude Code only.

Option 2: Paste into Claude CodeCopy the command below and paste it into your conversation. Claude will install it.

Command

claude plugins install qwibitai/nanoclaw

Tip: Paste this into a Claude Code conversation. Verify command matches your Claude Code version.

CostFree

Trust Signals Reviewed

Stars27,376Last updated2026-04-16T11:14:33ZLicenseMIT (OK for commercial use)Known CVEsNone foundSources: GitHub Advisory Database + OSV.dev · Scanned 2026-04-16 · scanner v1

Community Pulse Active

Discussed on Hacker News, Reddit

Show HN: NanoClaw – “Clawdbot” in 500 lines of TS with Apple container isolation — Hacker News · 533 pts
NanoClaw moved from Apple Containers to Docker — Hacker News · 169 pts
Running NanoClaw in a Docker Shell Sandbox — Hacker News · 163 pts

35 mentions across 2 sources

Reviewer notes

Reviewed review. These are observations, not a security certification.

Scored from trust signals (evidence-eval-v1): 27,376 GitHub stars; contributors unknown; last commit 34d ago; license MIT.

2026-05-10: 27K stars with only 3 production mentions is a flag worth noting—this looks like a community darling that hasn't been stress-tested in real production workloads yet. The pitch is a containerized agent that bridges Anthropic's SDK to messaging platforms (WhatsApp, Telegram, Slack, etc.) with memory and scheduled jobs, which is a genuinely useful pattern for security alerting or incident notification pipelines. Tradeoff: you're trading OpenClaw's feature depth and battle-hardening for a smaller footprint, and container ops overhead is real if your team isn't already running that stack. Evaluate carefully before putting it on any path that touches sensitive comms data.

How to evaluate tools before deploying →

Data shown here comes from public APIs and automated scanning. Reviewer notes reflect one person's experience. This is not a security certification or legal recommendation. Always evaluate tools according to your own organization's policies.

Evaluation Scores

Evaluation

Ease of Use

4/5

Versatility

5/5

Reliability

3/5

Security

3/5

Overall score3.85 / 5.00 SolidEvaluatedMay 2026

Scored from trust signals (evidence-eval-v1): 27,376 GitHub stars; contributors unknown; last commit 34d ago; license MIT.

← Back to Claude Tool Reviews