Add skill to guide users through adding Telegram as a messaging channel.
- Replace WhatsApp or run alongside it
- Support for private chats and groups
- Built-in /chatid command for easy registration
- Flexible triggering: main chat, respondToAll, @mentions, or trigger pattern
- Grammy library for modern TypeScript-first Telegram integration
No source code changes - skill provides step-by-step implementation guide.
Setup skill fixes:
- Run QR auth in foreground with long timeout, not background
- Replace fragile message-based registration with DB group sync lookup
- Personal chats: ask for phone number instead of querying empty DB
- Consolidate trigger word + security model + channel selection into one step
- Remove `timeout` shell command (unavailable on macOS), use Bash tool timeout
- Query 40 groups, display 10 at a time, support name lookup
requiresTrigger support:
- Add requiresTrigger field to RegisteredGroup type and DB schema
- Skip trigger check when requiresTrigger is false (for solo/personal chats)
- Main group still always processes all messages (unchanged)
Agent-browser visibility:
- Append global CLAUDE.md to non-main agent system prompts via SDK
- Add browser tool docs to global and main CLAUDE.md
- Update skill description to be broader (not just "web testing")
- Reference agent-browser.md in root CLAUDE.md key files
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add UX note instructing Claude to use AskUserQuestion tool for better
interactive experience during setup
- Add new Section 7 explaining the main channel's elevated privileges
(admin control portal) before registration
- Include interactive security acknowledgment with follow-up for users
choosing shared groups
- Renumber subsequent sections (7→8, 8→9, 9→10)
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Update setup skill to detect platform and offer Docker/Apple Container choice
- On Linux, automatically use Docker via /convert-to-docker skill
- On macOS, ask user preference if Apple Container not installed
- Update README to reflect Docker support and Linux compatibility
- Fix exact line number reference in convert-to-docker skill
- Add thank you to @dotsetgreg for the Docker skill contribution
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds a skill to integrate Parallel AI MCP servers for advanced web research.
What it adds:
- Quick Search MCP for fast web lookups (free to use)
- Task MCP for deep research with scheduler-based polling
- Non-blocking design using NanoClaw's scheduler
Usage: Run /add-parallel to add this integration to your fork
Follows NanoClaw philosophy:
- Skills over features - integration is optional via skill
- Keeps base codebase lean
- Users run /add-parallel on their fork for clean code
Co-authored-by: Janni Turunen <janni@Jannis-MacBook-Air.local>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* Add /convert-to-docker skill for Docker migration
This skill provides step-by-step instructions for migrating NanoClaw
from Apple Container to Docker, enabling cross-platform support
(macOS and Linux).
The skill covers:
- Updating container-runner.ts mount syntax and spawn command
- Replacing the startup check in index.ts
- Updating build.sh commands
- Updating all documentation references
- Updating setup and debug skills
- Verification and testing steps
Addresses the RFS (Request for Skills) item in README.md.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Remove Container Runtime from RFS section
The /convert-to-docker skill is now being added in this PR,
so it's no longer a "request" - the skill exists.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
- Isolate Claude sessions per-group (data/sessions/{group}/.claude/)
to prevent cross-group access to conversation history
- Remove Gmail MCP from built-in (now available via /add-gmail skill)
- Add SECURITY.md documenting the security model
- Move docs to docs/ folder (SPEC.md, REQUIREMENTS.md, SECURITY.md)
- Update documentation to reflect changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Skill guides users through adding Gmail to NanoClaw with two modes:
- Tool Mode: Agent can read/send emails when triggered from WhatsApp
- Channel Mode: Emails can trigger the agent and receive replies
Includes step-by-step GCP OAuth setup, code integration instructions,
and troubleshooting guidance.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove unused claude-agent-sdk from host deps (only used in container)
- Remove dead scheduler MCP config (built into IPC)
- Remove unused eslint script
- Add clear error message when Apple Container fails to start
- Auto-generate launchd plist with real paths in setup skill
- Standardize Node.js version to 20+ everywhere
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add secure mount allowlist validation
Addresses arbitrary host mount vulnerability by validating additional
mounts against an external allowlist stored at ~/.config/nanoclaw/.
This location is never mounted into containers, making it tamper-proof.
Security measures:
- Allowlist cached in memory (edits require process restart)
- Real path resolution (blocks symlink and .. traversal attacks)
- Blocked patterns for sensitive paths (.ssh, .gnupg, .aws, etc.)
- Non-main groups forced to read-only when nonMainReadOnly is true
- Container path validation prevents /workspace/extra escape
https://claude.ai/code/session_01BPqdNy4EAHHJcdtZ27TXkh
* Add mount allowlist setup to /setup skill
Interactive walkthrough that asks users:
- Whether they want agents to access external directories
- Which directories to allow (with paths)
- Read-write vs read-only for each
- Whether non-main groups should be restricted to read-only
Creates ~/.config/nanoclaw/mount-allowlist.json based on answers.
https://claude.ai/code/session_01BPqdNy4EAHHJcdtZ27TXkh
---------
Co-authored-by: Claude <noreply@anthropic.com>
- Sync group names from WhatsApp via groupFetchAllParticipating()
- Store group names in chats table (jid -> name mapping)
- Daily sync with 24h cache, on-demand refresh via IPC
- Write available_groups.json snapshot for agent (main group only)
- Agent can request refresh_groups via IPC if group not found
- Update documentation in main CLAUDE.md and debug skill
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Previously, the entire .env file was copied and mounted into containers,
exposing all environment variables to the agent. Now only the specific
authentication variables needed by Claude Code (CLAUDE_CODE_OAUTH_TOKEN
and ANTHROPIC_API_KEY) are extracted and mounted.
https://claude.ai/code/session_01Y6Az5oUPkYmJhA1N9MUd67
- Add PreCompact hook in agent-runner that archives conversations before
compaction, using session summary from sessions-index.json for filename
- Remove /clear command (programmatic compaction not supported by SDK)
- Add /add-clear to RFS for future implementation
- Update CLAUDE.md templates with memory system instructions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Setup skill now asks subscription vs API key, can auto-grab token
- Debug skill updated for both auth methods
- SPEC.md documents both authentication options
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix session mount path: ~/.claude/ now mounts to /home/node/.claude/
(container runs as 'node' user with HOME=/home/node, not root)
- Fix ~/.gmail-mcp/ mount path similarly
- Use absolute paths for GROUPS_DIR and DATA_DIR (required for container mounts)
- Auto-start Apple Container system on NanoClaw startup
- Update debug skill with session troubleshooting guide
- Update spec.md with startup sequence and troubleshooting
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Container fixes:
- Run as non-root 'node' user (required for --dangerously-skip-permissions)
- Add allowDangerouslySkipPermissions: true to SDK options
- Mount .env file to work around Apple Container -i env var bug
- Use --mount for readonly, -v for read-write (Apple Container quirk)
- Bump SDK to 0.2.29, zod to v4
- Install Claude Code CLI globally in container
Logging improvements:
- Write per-run logs to groups/{folder}/logs/container-*.log
- Add debug-level logging for mounts and container args
Documentation:
- Add /debug skill with comprehensive troubleshooting guide
- Update /setup skill with API key configuration step
- Update SPEC.md with container details, mount syntax, security notes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Explain Gmail/GCP prerequisites upfront before asking
- Replace hardcoded "Andy" with ASSISTANT_NAME placeholder
- Replace hardcoded timestamp with CURRENT_ISO_TIMESTAMP
- Add step 3 to ask user for their preferred trigger word
- Renumber sections accordingly
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add src/auth.ts for interactive QR code authentication
- Add `npm run auth` script
- Update setup skill for current Node.js architecture
- Daemon (src/index.ts) now only uses stored credentials
Auth is run during setup; daemon assumes credentials exist and
shows macOS notification if re-auth is needed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
A minimal Node.js application that connects Claude Agent SDK to WhatsApp
using baileys. Features per-group memory via CLAUDE.md files, session
continuity, scheduled tasks, and Gmail integration via MCP.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
