Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
theturtletalks 6 hours ago

Has anyone used:

OpenClaw

NanoClaw

IronClaw

PicoClaw

ZeroClaw

NullClaw

Any insights on how they differ and which one is leading the race?

dannymi an hour ago | parent | next [-]

I'm only using NanoClaw, but I like that I could (and did) just review the code it has, and that it uses containers for each agent (so I can have different WhatsApp groups working on different things and they can't interfere with each other), and that I could (and did) just swap those containers out easily for guix shell containers.

I am pretty confident that I know how the agent containerization works. In general there's really not a lot of complexity there at all.

If one wants, one can just (ask Claude to) add whatever functionality, or (and that's what I did) just use Claude skills (without adapting NanoClaw any further) and be done with.

What is annoying is that their policy is instead of integrating extra functionality upstream, they prefer you to keep it for yourself. That means I have to either not update from upstream or I am the king of the (useless so far--just rearranging the deck chairs) merge conflicts every single time. So one of the main reasons for contributing to upstream is gone and you keep having to re-integrate stuff into your fork.

tao_oat 5 hours ago | parent | prev | next [-]

I haven't used them all but based on my partial research so far:

- OpenClaw: the big one, but extremely messy codebase and deployment

- NanoClaw: simple, main selling point is that agents spawn their own containers. Personally I don't see why that's preferable to just running the whole thing in a container for single-user purposes

- IronClaw: focused on security (tools run in a WASM sandbox, some defenses against prompt injection but idk if they're any good)

- PicoClaw: targets low-end machines/Raspberry Pis

- ZeroClaw: Claw But In Rust

- NanoBot: ~4k lines of Python, easy to understand and modify. This is the one I landed on and have been using Claude to tweak as needed for myself

jeremyjh an hour ago | parent | next [-]

IronClaw’s security architecture sounds plausible, but I have not audited it. Plugins can only access remote endpoints you’ve specifically allowed it for. Secrets aren’t available to the LLM - they are injected where the LLM requires it but only secrets authorized for that plugin are available to it. Together those two things provide an answer to a huge range of the most common prompt injection vulnerabilities, such as credential extraction. So you can give it access to your bank account and email and it can’t email your bank password to an attacker. But it could still transfer money to them.

The only secure way to use any of these tools is to give them very limited access - if they need a credit card give them a virtual card with a low limit, or even its own bank account. They can send email but only from their own account; like a human personal assistant. But of course this requires careful thought and adds friction to every new task, so people won’t be doing it.

barbazoo 4 hours ago | parent | prev | next [-]

Everything supports WA, Telegram, etc. I wish it wasn't so hard to hook up Signal to anything.

I'm using the signal-cli-rest-api but the whole setup feels kinda wonky.

theturtletalks 4 hours ago | parent | prev [-]

Which would you say has the best cron and heartbeat implementation?

tao_oat 4 hours ago | parent [-]

Haven't tried them in enough depth to compare.

Nanobot's was not great (cron + a HEARTBEAT.md meant two ways to do things, which would confuse the AI). But because the implementation is so simple, I could improve it in a few minutes in my own fork!

huqedato 5 hours ago | parent | prev [-]

The same crap under the hood, IMO.

redman25 4 hours ago | parent [-]

Yeah, good software takes time. These are all popping up way to fast.