By Titik Puspa 
In a meteoric rise that has captivated the AI developer community, Gavriel Cohen, the visionary behind the lean and secure AI agent framework NanoClaw, finds himself at the center of an industry whirlwind. What began as a passionate, albeit intense, weekend coding spree has rapidly transformed from a Hacker News sensation into a full-fledged company, NanoCo, poised for significant impact with a groundbreaking partnership with Docker. This rapid ascent is a testament to the potent combination of innovative design, a critical response to existing industry challenges, and the undeniable power of community endorsement.
Just six weeks ago, Cohen unveiled NanoClaw on Hacker News, positioning it as a compact, open-source, and inherently secure alternative to the immensely popular, yet increasingly scrutinized, AI agent-building tool, OpenClaw. The genesis of NanoClaw was born from necessity. Cohen was actively involved in an AI marketing startup with his brother, Lazer Cohen. This venture, which was rapidly scaling and projected to achieve an impressive $1 million in annual recurring revenue within its first year, leveraged AI agents for a suite of services including market research, go-to-market analysis, and content creation. Cohen, a seasoned computer programmer with prior experience at Wix, had meticulously crafted individual AI agents using tools like Claude Code, each tailored for specific operational tasks. However, he identified a crucial gap in their functionality: the inability to pre-schedule tasks, seamlessly integrate with team communication platforms like WhatsApp, or delegate work through such channels.
This is where OpenClaw entered the picture. Cohen initially embraced OpenClaw, a tool whose creator has since joined OpenAI, to bridge these workflow limitations. He described a profound "aha moment" as OpenClaw provided the connective tissue for his disparate agent-based workflows. The allure of extending this functionality across all facets of his startup – R&D, product development, client management – was immense. He envisioned a robust ecosystem of specialized agents designed to optimize every operational bottleneck.
However, this enthusiasm was soon overshadowed by a deeply unsettling discovery. While troubleshooting a performance issue with OpenClaw, Cohen stumbled upon a file that revealed a critical security vulnerability. The OpenClaw agent had, without explicit authorization beyond its designated work parameters, downloaded and stored his entire WhatsApp message history in plain, unencrypted text on his local machine. This included not only work-related communications but also his personal conversations, a breach of privacy that sent a jolt of alarm through him.
This incident illuminated a widely acknowledged criticism of OpenClaw, often characterized as a "security nightmare" due to its expansive access to system memory and account permissions, making it exceedingly difficult to restrict its data access once installed. While acknowledging that such security flaws might eventually be addressed by the project’s substantial user base, Cohen harbored another significant concern: the sheer bloat of OpenClaw. His research into security mitigations revealed a staggering array of bundled packages, including an obscure open-source project he himself had created months prior for PDF editing using a Google image editing model. He had no prior knowledge of its inclusion and was not actively maintaining it. The realization that he could not possibly audit the entirety of OpenClaw’s codebase and its dependencies, which by some estimates spanned an astronomical 800,000 lines of code, was a stark wake-up call.
Driven by this revelation and a pressing need for a secure, lightweight alternative for his startup, Cohen embarked on a focused coding marathon. Over what he described as a near 48-hour "couch-bound" coding binge, he architected NanoClaw. The framework was designed with a minimalist footprint, consisting of a mere 500 lines of code, and crucially, built upon Apple’s then-emerging container technology. This innovative approach creates highly isolated environments, ensuring that software is strictly confined to the data it is explicitly authorized to access, thereby preventing unauthorized data exfiltration.
The public debut of NanoClaw on Hacker News, just three weeks prior to its integration with Docker, proved to be an explosive success. The post quickly went viral, generating immense interest. This initial surge of attention was amplified approximately three weeks ago when Andrej Karpathy, a prominent figure in the AI research landscape, posted a glowing endorsement of NanoClaw on X (formerly Twitter). This endorsement triggered a further wave of engagement, leading to a public discussion between Cohen and the renowned AI researcher.
The confluence of Hacker News virality and Karpathy’s endorsement catalyzed an avalanche of attention. NanoClaw garnered an impressive 22,000 stars on GitHub, a key metric for open-source project popularity, alongside 4,600 forks, indicating a vibrant community actively building upon the core project. Over 50 contributors have since joined the effort, pushing hundreds of updates and with hundreds more in the pipeline. The rapid growth necessitated a significant life change for Gavriel Cohen; he made the decisive move to shut down his AI marketing startup to dedicate his full attention to NanoClaw and establish NanoCo, a company built around this burgeoning technology.
The latest significant development, announced on Friday, marks a pivotal moment for NanoClaw and its growing ecosystem. Cohen revealed a strategic integration with Docker, the company synonymous with containerization technology, upon which NanoClaw is fundamentally built. Docker, boasting millions of developers and nearly 80,000 enterprise customers, has agreed to integrate its Docker Sandboxes into NanoClaw. This collaboration is particularly significant as Docker Sandboxes offer an alternative to Apple’s container technology, providing a powerful, widely adopted platform for secure application isolation.
The integration was catalyzed by Oleg Selajev, a developer at Docker, who observed the burgeoning interest in NanoClaw. Recognizing the potential synergy, Selajev proactively modified NanoClaw to incorporate Docker’s Sandboxes. Cohen, demonstrating a keen understanding of community-driven development and the need for robust platform support, embraced this enhancement without hesitation. "This is no longer my own personal agent that I’m running on my Mac Mini," Cohen reflected, highlighting the shift in perspective. "This now has a community around it. There are thousands of people using it. Yeah, I said, I’m going to move over to the standard." This decision underscores Cohen’s commitment to fostering a collaborative environment and aligning NanoClaw with industry-leading infrastructure.
While the technological and community aspects of NanoClaw are rapidly solidifying, the commercial strategy for NanoCo is still in its formative stages. Gavriel and Lazer Cohen, now CEO and president of NanoCo respectively, are committed to maintaining NanoClaw as a free and open-source project, a principle they fiercely defend. They acknowledge the potential backlash from the open-source community should they ever deviate from this commitment. Currently, the company is operating on a friends-and-family fundraising round.
Despite the nascent stage of their commercial planning, the Cohens report significant interest from venture capitalists. Their tentative game plan involves developing a fully supported commercial product, complete with specialized "forward-deployed engineers." These experts would be embedded within client organizations, providing direct assistance in building and managing secure AI agent systems. This strategy targets the growing demand for secure and manageable AI agent deployments, a market that is becoming increasingly competitive. However, with the substantial developer community unlocked by the Docker integration, NanoCo appears well-positioned to carve out a significant niche. The rapid evolution of NanoClaw, from a weekend project to a commercially backed initiative with major industry partnerships, underscores the dynamic and rapidly innovating nature of the current AI landscape.