In the fast-moving world of open source software, few stories capture the startup dream quite like what has happened to Gavriel Cohen over the past six weeks. What started as a weekend coding marathon in sweatpants on a couch has turned into a viral open source project, a new company, and a partnership deal with Docker — one of the most influential names in developer infrastructure.
Cohen introduced NanoClaw on Hacker News roughly six weeks ago as a tiny, open source, secure alternative to the popular AI agent-building tool OpenClaw. He had built it during an intense weekend session that stretched nearly 48 hours straight. The Hacker News post quickly went viral, setting off a chain of events that would reshape his career.
The OpenClaw Security Problem
The story behind NanoClaw begins with Cohen's earlier venture — an AI marketing startup he had launched with his brother Lazer Cohen a few months prior. The startup offered marketing services like market research, go-to-market analysis, and blog posts through a small team using AI agents, and was on track to reach $1 million in annual recurring revenue.
Cohen had built custom AI agents for the business, largely using Claude Code, but needed a way to connect those agents to scheduling tools and team communication platforms like WhatsApp. He turned to OpenClaw, the widely used AI agent framework, and initially loved it.
But then he made a disturbing discovery. While researching a performance issue, he found that OpenClaw had downloaded all of his WhatsApp messages — not just the work-related ones it was authorized to access, but his personal messages too — and stored them in plain, unencrypted text on his computer.
OpenClaw has been widely criticized as a security risk because of how it handles memory access and account permissions. Cohen had an additional concern: the sheer scale of the codebase. By some estimates, OpenClaw's code and dependencies sprawled across 800,000 lines of code, making it virtually impossible for any individual developer to audit.
500 Lines That Changed Everything
Cohen's solution was radical in its simplicity. He built his own alternative in just 500 lines of code, based on Apple's container technology that creates isolated environments preventing software from accessing any data beyond what it is explicitly authorized to use. He intended it for internal use at his startup, but decided to share it publicly.
The Hacker News post was just the beginning. About three weeks later, prominent AI researcher Andrej Karpathy posted praise for NanoClaw on X, and that post went viral too. Cohen's phone started ringing nonstop at 4 a.m. when a friend spotted Karpathy's endorsement and urged him to start engaging with the community.
The attention snowballed. NanoClaw racked up 22,000 stars on GitHub, 4,600 forks, and over 50 contributors. YouTube reviews, news articles, and social media discussions followed. A domain squatter even grabbed a NanoClaw website URL, forcing Cohen to establish the official site at nanoclaw.dev.
The Docker Deal
About a week ago, Cohen shut down his AI marketing startup to focus entirely on NanoClaw and launched a new company called NanoCo. Then came the biggest development yet.
Oleg Šelajev, a developer at Docker, reached out after seeing the buzz around the project. He had modified NanoClaw to replace Apple's container technology with Docker's competing alternative, Sandboxes. Cohen did not hesitate to integrate Docker Sandboxes into the main project, recognizing that NanoClaw had outgrown its origins as a personal tool and needed to embrace industry standards.
On Friday, Cohen announced the official integration of Docker Sandboxes into NanoClaw — connecting the project to Docker's ecosystem of millions of developers and nearly 80,000 enterprise customers.
What Comes Next
The Cohen brothers — Gavriel as the technical lead and Lazer as CEO — are now running NanoCo on a friends-and-family funding round. They plan to build a commercial product with services including forward-deployed engineers who embed directly with client companies to help them build and manage secure AI agents.
NanoClaw itself will remain free and open source permanently. Venture capital firms are already calling, though the brothers say they are still formulating their full commercial strategy.
The secure AI agent space is becoming increasingly crowded. But with a passionate open source community, a Docker partnership, and the endorsement of one of AI's most respected researchers, NanoClaw has carved out a strong position in remarkably little time. Six weeks ago, Gavriel Cohen was coding in sweatpants on a couch. Today, he is running one of the most talked-about open source projects in AI.
