NanoClaw: Lightweight WhatsApp AI Assistant with Claude
NanoClaw: A Lightweight, Secure WhatsApp AI Assistant Powered by Claude
NanoClaw is an open‑source hobby‑project that lets you turn your phone into a personal Claude‑powered assistant, all while keeping your data isolated in Docker or Apple Container containers. It was built as a simpler, more understandable alternative to Clawdbot / OpenClaw, with a focus on minimalism, security, and user‑controlled customization.
Why NanoClaw?
| Feature | Why it matters |
|---|---|
| Container isolation | Each agent runs in its own Linux container; it can only see what you explicitly mount. Your host system remains untouched. |
| No config sprawl | The code is small enough that you alter the source for new behavior instead of editing hundreds of YAML or JSON files. |
| Agent swarms | The first personal assistant that supports spinning up a team of agents to solve complex problems automatically. |
| Whale‑friendly | Built on the Anthropic Agent SDK, so you get the same harness Claude Code uses. |
| One‑process simplicity | All logic lives in a single Node.js process. No message queues or micro‑services. |
All of these come together to make a project you can fork, understand in ten minutes, and deploy without a “setup wizard”.
Quick start guide
- Clone the repo
git clone https://github.com/qwibitai/nanoclaw.git cd nanoclaw - Run the bootstrap script
claude # first time will install dependencies, ask for your Anthropic API key, WhatsApp QR code, etc. /setup # automatically configures Docker/AppleContainer and installs required modules - Launch the bot
/run - Start chatting – Scan the QR in the terminal with your phone, then say
@Andy(or change the trigger word) to talk.
Follow the on‑screen prompts and your WhatsApp messages will become commands for Claude. The assistant keeps conversation context in a per‑group CLAUDE.md file, so future messages continue where you left off.
Extending NanoClaw with Skills
NanoClaw introduces a deterministic skill‑system. Instead of adding new features directly, you write a skill that turns the current codebase into the desired version. For example, adding Telegram support is as simple as:
npm run skills:init -- --core-version 0.5.0 --base-source .
npm run skills:apply -- --skill telegram --version 1.2.0 --files-modified src/server.ts
Afterward run /add-telegram and you’ll get a clean, separate Telegram channel without all the extra clutter.
Sample skill list
| Skill | What it adds |
|---|---|
/add-telegram |
Support for Telegram |
/add-slack |
Slack integration |
/add-discord |
Discord bot support |
/add-clear |
/clear command for conversation compaction |
/setup-windows |
Windows support through WSL2 + Docker |
Only core updates, bug fixes, or security improvements land in the base repo; everything else lives in skills. This keeps the core clean while giving you extensibility.
Security model
NanoClaw’s security rests on two layers:
- Application‑level controls – Pairing codes and allowlists protect your WhatsApp connection.
- Container isolation – Each agent lives in a sandbox with only the directories you mount. Bash runs inside the container, not on your host.
The repository’s SECURITY.md describes the model in detail and how to audit what is mounted in each container.
Common questions
Why not just run on the host? The runtime may be powerful, but any bug could compromise your personal info. Containers give a hard boundary.
Can I run on Linux? Yes—Docker is the default on Linux, and the /setup script configures everything automatically.
What if the scheduler stops? Ask Claude: Why isn't the scheduler running? Thanks to the Claude‑native harness, debugging is just a chat.
Get involved
NanoClaw is open for contributions. If you want to add new skill types or improve the base, open a PR with clear documentation in the CLAUDE.md skill files.
- Fork the repo
- Create a skill folder under
.claude/skills/ - Write a
SKILL.mdthat tells Claude how to transform the current source - Run the skill locally with
npm run skills:apply - Test the changes, then submit a PR
Happy hacking—and may your agents swarm in a friendly manner!