clawless
Run Claw AI agents entirely in the browser — no server required — with WebContainers WASM sandboxing, policy enforcement, and complete audit logging.
ClawLess is a serverless, browser-based AI agent runtime that eliminates the need for any backend infrastructure. Instead of spinning up a server to host and execute AI agents, ClawLess boots a full Node.js environment directly inside a browser tab using the WebContainers API — a WebAssembly-powered OS-level sandbox. Agents can install npm packages, write files, spawn processes, and serve local servers, all within an isolated environment that has zero access to the host machine.
At its core, ClawLess wraps the WebContainer runtime in a composable SDK called ClawContainer. Developers integrate it in a few lines of TypeScript, passing environment variables for their chosen AI provider — Anthropic, OpenAI, or Google — and selecting a pre-built or custom agent template. The SDK handles mounting the virtual filesystem, installing dependencies, configuring environment variables, and launching the agent process, then surfaces status and events through a typed event emitter interface.
Two cross-cutting systems make ClawLess suitable for production-grade agent workflows. The Policy Engine applies declarative YAML guardrails to file reads/writes, process spawns, port bindings, and tool usage — enforced at the container layer where agents cannot bypass them through prompting. The Audit Log captures every action — process lifecycle, file I/O, network requests, environment configuration, and policy denials — with sensitive header values automatically masked, and exports the full trace as JSON or plain text for compliance and debugging.
The built-in UI layer ships Monaco Editor (the engine behind VS Code) for multi-file editing, xterm.js for real PTY terminal sessions, and a GitHub integration for cloning and pushing repositories without leaving the browser. A plugin system exposes lifecycle hooks — onInit, onReady, onDestroy — so teams can extend the runtime with custom tabs, environment variables, workspace files, and npm services without modifying core SDK code.
What You Get
- WebContainers WASM sandbox — a full Node.js OS environment running entirely in the browser with access to 3.4 million+ npm packages and zero server infrastructure
- YAML policy engine — declarative guardrails for file access, process spawns, port bindings, and tool usage, enforced at the container layer and impossible for agents to bypass
- Complete audit log — structured capture of every process spawn/exit, file read/write, network request/response, and policy denial with sensitive header masking and JSON/text export
- Monaco Editor + xterm.js terminal — VS Code-quality code editor with multi-file tabs and a full PTY terminal session inside the browser
- GitHub integration — clone and push repositories via the GitHub API without leaving the browser or setting up local git credentials
- Plugin and template system — register reusable agent configurations as templates and extend runtime behavior through typed lifecycle hooks (onInit, onReady, onDestroy)
- Multi-provider AI support — built-in support for Anthropic (Claude), OpenAI (GPT-4o), and Google (Gemini) with unified environment variable configuration
- Dual-layer network interception — audits both browser fetch calls and Node.js http/https requests inside the container simultaneously via a preloaded CJS hook
Common Use Cases
- Shareable agent demos — deploy a ClawLess-powered page as a static site so anyone can run your AI agent in their browser without installing anything
- Sandboxed code generation agents — let agents write, install, and execute code inside the WASM sandbox where they cannot touch the host filesystem or network outside the policy
- Internal developer tooling — give teams a browser-based environment where AI agents build, test, and preview tooling with full audit trails for compliance review
- Education and onboarding — create interactive coding environments where AI agents guide learners through tasks inside an isolated runtime that resets on reload
- Multi-agent orchestration prototyping — test agent workflows and tool pipelines locally in a browser before committing to cloud infrastructure
- API key-secured agent UIs — embed ClawLess in an authenticated web app, passing API keys as environment variables at runtime without exposing them in client code
Under The Hood
Architecture
ClawLess follows a layered SDK facade pattern where the ClawContainer class serves as the single public surface, delegating to seven discrete internal managers: container orchestration, policy enforcement, audit logging, VCS operations, plugin dispatch, UI rendering, and template resolution. Dependencies flow inward — the SDK owns all managers and wires them together at construction time. A typed event emitter base class provides decoupled component-to-component communication, with lifecycle events flowing outward to external consumers and plugins. Policy enforcement is applied at the orchestration layer, ensuring no filesystem or process operation bypasses guardrails regardless of which code path triggers it. The separation between SDK surface, runtime management, and UI presentation is coherent, though the UI manager carries significant surface area handling editor, terminal, and tab state simultaneously.
Tech Stack
The project is built in TypeScript 5.4 targeting ES2022 modules, bundled with Vite 5. The core runtime dependency is the WebContainer API, which provides a browser-native Node.js OS environment via WebAssembly. Terminal emulation is handled by xterm.js 5.5 with the fit addon. The code editor is Monaco Editor 0.55, the engine behind VS Code, integrated via a Vite plugin. JSZip handles workspace export and import. The UI layer is pure TypeScript with direct DOM manipulation — no component framework. Network interception operates at two layers: browser fetch is patched via a browser-side interceptor module, while Node.js http/https inside the container is patched through a CJS preload file injected via NODE_OPTIONS=--require, ensuring network audit coverage across both execution contexts.
Code Quality
No test files exist in the repository — no testing framework is configured and no spec files are present. The codebase applies TypeScript strict mode throughout with explicit types and documented any usage. Naming conventions are consistent, and source files carry extensive section-header comments and inline rationale explaining non-obvious design decisions. Error handling is explicit: policy violations surface as typed PolicyDeniedError instances that propagate through the call stack, and the audit log captures denials with their triggering rules. CI configuration is absent. Some core files carry substantial size, suggesting future decomposition opportunities, but the module boundaries between concerns remain logical.
What Makes It Unique
The defining innovation is eliminating server infrastructure entirely while preserving a real Node.js execution environment for AI agents — including npm installs, process spawning, and filesystem operations. Most agent runtimes require a running server; ClawLess achieves the same capabilities as a deployable static site by leveraging WebContainers. The dual-layer network interception approach — patching browser fetch and container-side Node.js HTTP simultaneously via a preloaded CJS hook — is an architecturally creative solution to achieving full network visibility across two fundamentally different execution contexts in the same application. The YAML policy engine enforces behavioral guardrails at the code layer rather than through prompt engineering, making agent boundaries reliable and auditable.
Self-Hosting
ClawLess is released under the MIT License, which is among the most permissive open source licenses available. You may use it commercially, modify it, redistribute it, and incorporate it into proprietary products without any copyleft obligations. The only requirement is retaining the copyright notice. There are no contributor license agreements, no open core restrictions, and no license keys — the entire codebase is available under the same terms.
The operational reality of self-hosting ClawLess is unusually straightforward compared to most self-hosted tools. Because the runtime runs entirely in the browser via WebAssembly, there is no server process to manage, no database, no background workers, and no infrastructure to provision. Deployment amounts to serving static files — the built output can go on any CDN, S3 bucket, or static hosting provider. The only external runtime dependency is users supplying their own AI provider API keys, which are injected as environment variables into the browser session. Sessions persist to localStorage, so state survives page reloads without any backend storage.
The trade-off versus a managed or cloud-hosted agent platform is primarily around security review, support, and multi-tenancy. A SaaS agent platform typically handles API key management centrally, provides audit dashboards, SLAs, team access controls, and handles WebContainer API quotas. ClawLess puts all of that responsibility on the deployer — each user brings their own API keys, and there is no built-in access control layer or centralized log aggregation. For teams with straightforward use cases and existing infrastructure for auth and key management, this is a negligible gap. For teams needing enterprise SSO, centralized audit export, or multi-user session isolation, additional work is required on top of the open source base.
Related Apps
claw-code
AI Agents · AI Code Assistants
A Rust-built CLI agent harness for Claude AI with persistent sessions, MCP tool integration, plugin hooks, and multi-provider support — designed to run autonomous coding workflows without human babysitting.
claw-code
MITOllama
AI Development · Developer Tools
Run Llama, Gemma, DeepSeek, and other open LLMs on your own machine with one command and an OpenAI-compatible API.
Ollama
MITLangflow
AI Agents · AI Development
Build, test, and deploy AI agents and RAG workflows visually with native API and MCP server export.