zlacker

[return to "Show HN: NanoClaw – “Clawdbot” in 500 lines of TS with Apple container isolation"]
1. dceddi+O8[view] [source] 2026-02-02 00:05:27
>>jimmin+(OP)
This look nice! I was curious about being allowed to use a Claude Pro/Max subscription vs an API key, since there's been so much buzz about that lately, so I went looking for a solid answer.

Thankfully the official Agent SDK Quickstart guide says that you can: https://platform.claude.com/docs/en/agent-sdk/quickstart

In particular, this bit:

"After installing Claude Code onto your machine, run claude in your terminal and follow the prompts to authenticate. The SDK will use this authentication automatically."

◧◩
2. jimmin+wb[view] [source] 2026-02-02 00:26:01
>>dceddi+O8
OP here. Yes! This was a big motivation for me to try and build this. Nervous Anthropic is gonna shut down my account for using Clawdbot.

This project uses the Agents SDK so it should be kosher in regards to terms of service. I couldn't figure out how to get the SDK running inside the containers to properly use the authenticated session from the host machine so I went with a hacky way of injecting the oauth token into the container environment. It still should be above board for TOS but it's the one security flaw that I know about (malicious person in a WhatsApp group with you can prompt inject the agent to share the oauth key).

If anyone can help out with getting the authenticated session to work properly with the agents running in containers it would be much appreciated.

◧◩◪
3. dceddi+Ag[view] [source] 2026-02-02 01:17:09
>>jimmin+wb
I went down this rabbit hole a bit recently trying to use claude inside fence[0] and it seems that on macOS, claude stores this token inside Keychain. I'm not sure there's a way to expose that to a container... my guess would be no, especially since it seems the container is Linux, and also because keeping the Keychain out of reach of containers seems like it would be paramount. But someone might know better!

0: https://github.com/Use-Tusk/fence

◧◩◪◨
4. Davide+dn4[view] [source] 2026-02-03 05:50:09
>>dceddi+Ag
> "I went down this rabbit hole a bit recently trying to use claude inside fence[0]"

Did you get it working in the end? I assume you didn't share your setup/config anywhere?

◧◩◪◨⬒
5. dceddi+ks5[view] [source] 2026-02-03 14:10:30
>>Davide+dn4
Yeah, forgot when I wrote this comment that the thing about keychain was to pass that auth token into a Docker container, which I gave up on (Tauri desktop app needs to compile Rust and link against other stuff, different architecture inside the container blah blah)

More or less what it says in the README:

    fence -t code -- claude --dangerously-skip-permissions
Or wrap it in a function as an alias

    # cat prompt.md | ralph
    function ralph() {
      fence -t code -- \
        claude --verbose --dangerously-skip-permissions --output-format stream-json -p "$@" \
        | jq -r 'select(.type == "assistant") | .message.content[]? | select(.type? == "text") | .text'
    }
[go to top]