Files
nanoclaw/docs
gavrielc 3906104960 docs: rewrite security docs to match the v2 perimeter
Rewrite docs/SECURITY.md against the real v2 codepaths: the actual
buildMounts mount table, the allowReadWrite allowlist schema the mount
validator enforces, and the true defaults (egress open, no CPU/mem
limits, additional mounts blocked until an allowlist exists). Replace the
deleted v1 perimeter (main/non-main groups, ephemeral containers, IPC
authorization, /dev/null .env shadow, data/sessions path) with a v2 Trust
Model built on user_roles and long-lived per-session containers. Drop the
dangling /add-golden-registry reference. Mark docs/docker-sandboxes.md and
docs/APPLE-CONTAINER-NETWORKING.md as v1-historical and update the
docs/README.md portal rows. Remove the Apple Container native-runtime
claims from README.md (no runtime seam exists; container-runtime.ts
hardcodes docker).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-04 16:10:46 +03:00
..
2026-02-09 02:50:43 +02:00

NanoClaw Documentation

The official documentation is at docs.nanoclaw.dev.

The files in this directory are original design documents and developer references. For the most current and accurate information, use the documentation site.

This directory Documentation site
SPEC.md Architecture
SECURITY.md Security model
REQUIREMENTS.md Introduction
docker-sandboxes.md v1-historical — reference only
APPLE-CONTAINER-NETWORKING.md v1-historical — reference only