Put your agents in containers where they belong.

What happens when devcontainers and k8s have a Claude Code baby. Isolated, firewalled, credential-forwarding agent-in-container environments. One CLI.

terminal
$ brew install schmitthub/tap/clawker
$ curl -fsSL https://clawker.dev/install.sh | bash
$ clawker run -it --agent fix --worktree bugfix:main @
# Forwarding SSH keys + git config
# Firewall: github.com, npmjs.org
clawker.myapp.fix ready

Features

all the negative parallelisms, rule of threes, and em dashes below compliments of ai slop... ain't no way i was gunna write the splash page myself

Agent-in-Container

Each agent gets its own isolated container with embedded Dockerfile templates. Alpine or Debian, your call.

Fresh or Copy Agent Mode

Clean install or seamless transition — bring your existing Claude Code settings, plugins, skills, and config along for the ride.

Bind or Snapshot

Live-sync your workspace with bind mounts, or give the agent a snapshot copy. You pick the isolation level.

Firewalled

Block internet access by default, whitelist only the domains you need. Per-project rules via clawker.yaml.

Credential Forwarding

SSH keys, GPG keys, and git config forwarded from your host automatically — just like devcontainers. No copy-pasting secrets into containers.

Jailed Docker

A guardrail layer between clawker and Docker that prevents operations on resources created outside of clawker. You won't accidentally nuke unrelated containers, networks, or volumes.

Project Namespace Isolation

Container resources scoped per-project. Run multiple projects simultaneously without stepping on each other's toes.

Dedicated Docker Network

All clawker resources live on the same clawker-net Docker network for easy communication.

Git Worktrees

Spin up agents in git worktrees with a single flag. Clawker handles worktree lifecycle for you — create, list, and clean up branches without leaving your workflow.

Host Proxy Service

Browser authentication callbacks forwarded from container to host. OAuth flows just work — zero config.

Injectable Build Instructions

Custom packages, environment variables, and scripts injected at container build time. Your Dockerfile, your rules.

Post-Init Scripts

Bash scripts that run after container init. Perfect for MCP server setup, custom tooling, or whatever your workflow needs.

Autonomous Looping

Experimental looping mode with stagnation detection, circuit breaker protection, and configurable max loop limits. Built-in token and cost tracking so your agent doesn't run away with your wallet.

Monitoring & Observability

Real-time insights into your agents' performance, decisions, tool calls, costs, token usage, and more. Optional Prometheus, Loki, and Grafana stack with OpenTelemetry integration. Dashboards and alerts out of the box.

Get Started

Single Go binary. macOS and Linux. Needs Docker.

Homebrew
$ brew install schmitthub/tap/clawker
Shell Script
$ curl -fsSL https://clawker.dev/install.sh | bash