For my version of the AI assistant, I used a Docker container and Unix permissions:
https://github.com/skorokithakis/stavrobot
All plugins run in one Docker container, but they're isolated from each other by different *nix users, so they can't read each other's files. That's much more lightweight, and you don't have to run one container per plugin.
Crucially, plugins can't read each other's secrets or modify each other's code. I even have a plugin configuration webpage that doesn't go through an LLM, so the LLM never sees your secrets if you don't want to.
Putting these NanoClowns inside a container will not protect you from all kinds of safety hazards.
I'm surprised that the developer experience around sandboxing on macOS is generally so bad. Seatbelt is in limbo and apple containers are just a pain to work with as some have highlighted in this thread
I can't believe the solution is creating uncompatibile branch and forcing users to use cladue for resolving merge conflits. Why not bake in the dual compatibility?
Sensible, this broadens our hosting options.
Can someone explain the special sauce of the claws compared to just use claude.ai etc
So they're making it use OCI images? Cool. Hopefully there will be good support for Podman.
Use containerd , Docker is cancer.
> But NanoClaw isn't just my personal project anymore. Thousands of people are using it. People are running production workloads on it. Businesses are building on it. There's a real community now.
as OpenClaw and now NanoClaw became "enterprise", now we need a new FemtoClaw to pick up the indie/boutique place