This article is remarkably light on the deal with docker, it's basically just mentioned in passing:
> Now, on Friday, Cohen announced a deal with Docker — the company that essentially invented the container technology NanoClaw is built on, and counts millions of developers and nearly 80,000 enterprise customers — to integrate Docker Sandboxes into NanoClaw.
"The stronger boundary protects the machine while the agent is coding, testing and improvising. It does not protect the rest of the world from the permissions you have already granted. A better-isolated runtime will not stop the bot from spraying outbound messages, sending a stupid email, or otherwise turning your authority into a minor public nuisance."
From the article, it looks like they integrated with Docker because someone at Docker reached out about collaborating on the integration.
Regarding security, I think you need three things:
1. You need the agent to run inside a sandbox.
2. You need a safe perimeter or proxy that can apply deterministic filtering rules on what makes it into the AI agent's sandbox and the HTTP requests and responses that agent sends out from the sandbox.
3. The bot should have its own email accounts, or maybe be configured to only send/read from certain email addresses
I'm working on a product that makes it as easy to spin up remote agent sandboxes as it is to git push and git pull. Then when we get that working well we're putting a proxy around each sandbox to let users control filtering rules.
I personally see a future where there are many different types of *Claws, coding agents, etc. and I think they need a new "operating system", so to speak.
So I am late to the party on this; I can ABSOLUTELY see what would fuel a 48 hr code binge. I would be LIVID if a package I downloaded did such a bulk pull from my Whatsapp, and even further enraged if I found a bulk of packages integrated that led me to believe security was never a single thought.
Future innovators, don't take security for granted; someone who cares will eat your lunch.
This article is remarkably light on the deal with docker, it's basically just mentioned in passing:
> Now, on Friday, Cohen announced a deal with Docker — the company that essentially invented the container technology NanoClaw is built on, and counts millions of developers and nearly 80,000 enterprise customers — to integrate Docker Sandboxes into NanoClaw.
Relevant link: https://nanoclaw.dev/blog/nanoclaw-docker-sandboxes
"The stronger boundary protects the machine while the agent is coding, testing and improvising. It does not protect the rest of the world from the permissions you have already granted. A better-isolated runtime will not stop the bot from spraying outbound messages, sending a stupid email, or otherwise turning your authority into a minor public nuisance."
from:
https://entropytown.com/articles/2026-03-12-openclaw-sandbox...
plus, any idea why not podman or firecracker?
From the article, it looks like they integrated with Docker because someone at Docker reached out about collaborating on the integration.
Regarding security, I think you need three things:
I'm working on a product that makes it as easy to spin up remote agent sandboxes as it is to git push and git pull. Then when we get that working well we're putting a proxy around each sandbox to let users control filtering rules.I personally see a future where there are many different types of *Claws, coding agents, etc. and I think they need a new "operating system", so to speak.
Self-plug at the end: https://github.com/gofixpoint/amika. The OSS part of my startup, focused on sandbox coding agents right now :)
PS: I enjoyed the entropytown.com blog! bookmarking it
So I am late to the party on this; I can ABSOLUTELY see what would fuel a 48 hr code binge. I would be LIVID if a package I downloaded did such a bulk pull from my Whatsapp, and even further enraged if I found a bulk of packages integrated that led me to believe security was never a single thought.
Future innovators, don't take security for granted; someone who cares will eat your lunch.