Running NanoClaw in a Docker Shell Sandbox

Posted Feb 16, 2026
Oleg Selajev

Ever wanted to run a personal AI assistant that monitors your WhatsApp messages 24/7, but worried about giving it access to your entire system? Docker Sandboxes’ new shell sandbox type is the perfect solution. In this post, I’ll show you how to run NanoClaw, a lightweight Claude-powered WhatsApp assistant, inside a secure, isolated Docker sandbox.

What is the Shell Sandbox?

Docker Sandboxes provides pre-configured environments for running AI coding agents like Claude Code, Gemini CLI, and others. But what if you want to run a different agent or tool that isn’t built-in? That’s where the shell sandbox comes in. It’s a minimal sandbox that drops you into an interactive bash shell inside an isolated microVM. No pre-installed agent, no opinions — just a clean Ubuntu environment with Node.js, Python, git, and common dev tools. You install whatever you need.

Why Run NanoClaw in a Sandbox?

NanoClaw already runs its agents in containers, so it’s security-conscious by design. But running the entire NanoClaw process inside a Docker sandbox adds another layer:

- Filesystem isolation – NanoClaw can only see the workspace directory you mount, not your home directory
- Credential management – API keys are injected via Docker’s proxy, never stored inside the sandbox
- Clean environment – No conflicts with your host’s Node.js version or global packages
- Disposability – Nuke it and start fresh anytime with docker sandbox rm

Prerequisites

- Docker Desktop installed and running
- Docker Sandboxes CLI (docker sandbox command available) (v.0.12.0 available in the nightly build as of Feb 13)
- An Anthropic API key in an env variable

Setting It Up

Create the sandbox

Pick a directory on your host that will be mounted as the workspace inside the sandbox.
This is the only part of your filesystem the sandbox can see:

    mkdir -p ~/nanoclaw-workspace
    docker sandbox create --name nanoclaw shell ~/nanoclaw-workspace

Connect to it

    docker sandbox run nanoclaw

You’re now inside the sandbox – an Ubuntu shell running in an isolated VM. Everything from here on happens inside the sandbox.

Install Claude Code

The shell sandbox comes with Node.js 20 pre-installed, so we can install Claude Code directly via npm:

    npm install -g @anthropic-ai/claude-code

Configure the API key

This is the one extra step needed in a shell sandbox. The built-in claude sandbox type does this automatically, but since we’re in a plain shell, we need to tell Claude Code to get its API key from Docker’s credential proxy:

    mkdir -p ~/.claude && cat > ~/.claude/settings.json << 'EOF'
    {
      "apiKeyHelper": "echo proxy-managed",
      "defaultMode": "bypassPermissions",
      "bypassPermissionsModeAccepted": true
    }
    EOF

What this does: apiKeyHelper tells Claude Code to run echo proxy-managed to get its API key. The sandbox’s network proxy intercepts outgoing API calls and swaps this sentinel value for your real Anthropic key,
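
As an added example (not from the original post, Docker or NanoClaw), the script below checks from inside the sandbox that the credential setup described above holds: apiKeyHelper yields only the sentinel, and no key-shaped string sits in files or the environment. The sk-ant- key prefix, the function names and the sample files are assumptions made for this illustration.

```sh
# Added example, not from the original post: check that only the sentinel,
# never a real Anthropic key, is present inside the sandbox.
HELPER_EXPECTED='echo proxy-managed'   # apiKeyHelper value used in the post
# Assumption: real Anthropic keys begin with "sk-ant-"; adjust if yours differ.
KEY_PATTERN='sk-ant-[A-Za-z0-9_-]{16,}'

# Print the apiKeyHelper string from a settings file (simple unescaped values).
helper_value() {
  sed -n 's/.*"apiKeyHelper"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Succeed only if the helper is exactly the sentinel command.
helper_is_sentinel() {
  [ "$(helper_value "$1")" = "$HELPER_EXPECTED" ]
}

# Print paths (never the matched text) of files holding a key-shaped string.
find_key_files() {
  grep -rlE -e "$KEY_PATTERN" "$1" 2>/dev/null
}

# Audit a settings file, a directory tree and the environment.
# Returns 0 when clean, 1 when there are findings.
audit_sandbox() {
  audit_rc=0
  if ! helper_is_sentinel "$1"; then
    echo "FAIL: apiKeyHelper in $1 is not '$HELPER_EXPECTED'"; audit_rc=1
  fi
  audit_hits=$(find_key_files "$2" || true)
  if [ -n "$audit_hits" ]; then
    echo "FAIL: key-shaped string found in:"; echo "$audit_hits"; audit_rc=1
  fi
  if env | grep -Eq -e "$KEY_PATTERN"; then
    echo "FAIL: key-shaped value in the environment"; audit_rc=1
  fi
  [ "$audit_rc" -eq 0 ] && echo "OK: only the sentinel is present"
  return "$audit_rc"
}

# Demo on constructed files: the post's settings, then a constructed fake key.
demo() {
  demo_dir=$(mktemp -d) || return 1
  echo '{ "apiKeyHelper": "echo proxy-managed" }' > "$demo_dir/settings.json"
  audit_sandbox "$demo_dir/settings.json" "$demo_dir"
  echo 'KEY=sk-ant-CONSTRUCTED-EXAMPLE-0000000000' > "$demo_dir/.env"
  audit_sandbox "$demo_dir/settings.json" "$demo_dir"
  rm -rf "$demo_dir"
}
demo
```

To audit the real sandbox, call audit_sandbox ~/.claude/settings.json ~/.claude from a shell inside it; a documentation file that quotes a key-shaped placeholder will also be reported and needs a manual look.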