Opening
NanoClaw, an Israeli AI security startup, has raised US$12 million in a seed funding round led by Valley Capital Partners. The company offers a security-focused alternative to OpenClaw, an AI agent framework, and runs AI agents in isolated containers. The funding was backed by Docker, Vercel, Monday.com, Slow Ventures, and angel investor Clem Delangue, who leads Hugging Face. The startup has drawn endorsements from AI researcher Andrej Karpathy and Singapore foreign minister Vivian Balakrishnan.
Funding and Investor Backing
NanoClaw's seed round was led by Valley Capital Partners, with participation from a diverse group of backers spanning infrastructure, productivity, and venture capital sectors. Backers include Docker (containerization platform), Vercel (web deployment), Monday.com (work management), Slow Ventures (venture fund), and Clem Delangue, founder and CEO of Hugging Face. The founders disclosed that they had declined acquisition offers, including one valued at approximately US$20 million.
Founder's Security Motivation
NanoClaw was created after its founder discovered a critical security flaw in OpenClaw. The founder found that OpenClaw had downloaded and stored his WhatsApp messages as unencrypted plain text on his computer. In response, he built a safer alternative in one weekend, resulting in a 500-line codebase that is easier to audit than OpenClaw, which some estimates place at approximately 800,000 lines of code.
Technical Architecture
NanoClaw integrates Docker Sandboxes, which are isolated environments for running software safely. The platform layers containers inside microVMs (lightweight virtual machines). This architecture is designed to prevent a compromised agent from reaching the host machine or other agents' environments.
Market Traction and Business Model
NanoClaw reached approximately 22,000 GitHub stars within weeks of its release, suggesting developer interest in security, transparency, and auditability in AI agent frameworks. The company has begun signing enterprise customers and selling implementation support, though it has not named specific clients.
NanoClaw plans to keep its core tool free while selling services such as forward-deployed engineers—technical staff who work closely with customers to implement the product. This approach mirrors common practices in open-source software monetization.
Security Considerations and Limitations
While isolation mechanisms strengthen security, they do not eliminate all threats. One assessment notes that NanoClaw may depend on users to audit code written by agents. Prompt injection—a technique that tricks AI systems through malicious instructions—could potentially steer generated code toward backdoors or typosquatted dependencies (malicious software packages designed to appear legitimate).
Related Context
Security is becoming a standard expectation in AI agent frameworks alongside emerging risks. Cohere, an AI startup that builds large language models and enterprise AI tools, has launched platforms capable of running privately, including on-premise deployments, to keep sensitive data behind a company's own firewall.
