• Running NanoClaw in a Docker Shell Sandbox Ever wanted to run a personal AI assistant that monitors your WhatsApp messages 24/7, but worried about giving it access to your entire system? • Docker Sandboxes’ newshellsandbox type is the perfect solution. • In this post, I’ll show you how to runNanoClaw, a lightweight Claude-powered WhatsApp assistant, inside a secure, isolated Docker sandbox. • What is the Shell Sandbox? • Docker Sandboxes provides pre-configured environments for running AI coding agents like Claude Code, Gemini CLI, and others. • But what if you want to run adifferentagent or tool that isn’t built-in?That’s where theshell sandboxcomes in.

Article Summaries:

  • A new Docker Sandboxes feature lets users run NanoClaw-a lightweight Claude‑powered WhatsApp assistant-inside a secure, isolated microVM. The “shell” sandbox type provides a minimal Ubuntu environment with Node.js, Python, and git, allowing users to install any tool they need. By mounting only a specified workspace, NanoClaw’s filesystem and credentials are isolated, and API keys are injected via Docker’s proxy, never stored inside the sandbox. The setup involves creating the sandbox, installing Claude Code, configuring the API key helper, cloning NanoClaw, and running its setup script to authenticate WhatsApp. Once configured, the assistant can be started with a simple npm start.

Sources: