Put your agents in containers
where they belong.

What happens when devcontainers and k8s have a Claude Code baby. Isolated, firewalled, credential-forwarding agent-in-container environments. One CLI.

Get Started View on GitHub
terminal
$ brew install schmitthub/tap/clawker
$ curl -fsSL https://clawker.dev/install.sh | bash
$ clawker run -it --agent fix --worktree bugfix:main @
# Forwarding SSH keys + git config
# Firewall: github.com, npmjs.org
clawker.myapp.fix ready

How it works

Agent-in-Container

Each agent gets its own isolated container with embedded Dockerfile templates. Alpine or Debian, your call.

Firewalled

Block internet access by default, whitelist only the domains you need. Per-project rules via clawker.yaml.

Credential Forwarding

SSH keys, GPG keys, and git config forwarded from your host automatically. No copy-pasting secrets into containers.

Git Worktrees

Spawn agents on separate branches simultaneously. Each worktree gets its own container — no conflicts.

Jailed Docker

Agents get Docker access scoped to clawker containers only. They can't accidentally nuke your other stuff.

Bind or Snapshot

Live-sync your workspace with bind mounts, or give the agent a snapshot copy. You pick the isolation level.

Get Started

Single Go binary. macOS and Linux. Needs Docker.

Homebrew
$ brew install schmitthub/tap/clawker
Shell Script
$ curl -fsSL https://clawker.dev/install.sh | bash

Read the documentation to learn more.