Just a few weeks ago, Gavriel Cohen was writing code on his couch. Today, he and his brother Lazer are sitting on a fresh $12 million in seed funding after turning down a buyout offer that hovered around $20 million. Their project, a security-focused AI agent platform called NanoClaw, went from a few lines of code to a term sheet in less than six weeks. It is a story that feels almost mythical, a perfect encapsulation of the blistering speed and high stakes of the current AI boom. But it is also a critical data point in the evolution of artificial intelligence, signaling a major shift from passive chatbots to truly autonomous, action-oriented agents, and the urgent need to make them safe.

The story of NanoClaw is impossible to tell without first understanding its much larger, much more famous inspiration: OpenClaw. Over the past year, the open source agentic AI platform has taken the developer world by storm. It represented a monumental leap beyond the simple question-and-answer paradigm of models like ChatGPT or Claude. An AI agent, powered by a platform like OpenClaw, doesn’t just talk. It does. It can browse the web, write and execute its own code, manage files, and chain together complex tasks to achieve a goal. For developers, it was like being handed a superpower, a tireless, self-correcting junior programmer that could automate the tedious and accelerate the complex.

But with great power comes great risk. The very autonomy that made OpenClaw so revolutionary also made it inherently dangerous. In the rush to build, the platform’s security architecture was, to put it mildly, permissive. Running an OpenClaw agent on your local machine was an act of supreme faith, granting it broad access to your file system and network. A misconfigured prompt or a cleverly designed attack could, in theory, lead to catastrophic data loss or system compromise. It was the AI equivalent of giving a new intern the root password to your entire company. This is the vulnerability, the gaping hole in the agentic AI revolution, that Gavriel Cohen decided to fix.

From Couch Project to Viral Sensation

NanoClaw was born from a simple but powerful premise: what if you could have all the power of an autonomous AI agent without the existential dread? Cohen, working with his brother Lazer, set out to build an alternative to OpenClaw with security as its foundational principle, not an afterthought. From a technical standpoint, this meant rethinking how the agent interacts with its environment. Instead of open access, NanoClaw would enforce strict sandboxing, containerizing the agent’s operations so it couldn’t break out and wreak havoc on the host system. It would operate on a principle of least privilege, with granular permissions that a user would have to explicitly grant for any potentially risky action.

The Cohens built quickly, committing the first lines of code just under two months ago. The result was a leaner, more secure framework for building and deploying AI agents. When they released it, the response from the developer community was immediate and overwhelming. It was the right product at the exact right moment. Developers who were enamored with OpenClaw’s potential but terrified of its security flaws flocked to the project.

Then came the endorsements. Andrej Karpathy, a legendary figure in the AI world, gave it a nod. Singapore’s foreign minister publicly commented on its potential. The project rocketed to the top of developer platforms, and suddenly, Gavriel Cohen’s DMs and email inbox were overflowing. He estimates that over 50 venture capital firms reached out, all wanting a piece of the action.

A Fork in the Road: The Buyout and the Seed Round

Amidst the inbound investor chaos, a more serious offer materialized. An unnamed suitor made an acquisition offer reported to be in the neighborhood of $20 million. For a project that was less than two months old, it was a life-changing sum. It was also a validation of their core thesis: secure agentic AI was not just a niche concern, it was a billion-dollar problem waiting to be solved.

But the Cohen brothers turned it down.

“It was under six weeks from committing the first lines of code to a term sheet,” Gavriel noted, reflecting on the whirlwind process. The decision to reject the acquisition was a bet on themselves and their vision for a future where autonomous agents are a ubiquitous, and safe, part of the software landscape.

Instead of selling out, they decided to build. They incorporated as NanoCo and raised an oversubscribed $12 million seed round. The list of investors reads like a who’s who of the developer and AI ecosystems. The round was led by Valley Capital Partners, with significant participation from companies that live and breathe developer infrastructure, including Docker and Vercel, and the collaborative software giant Monday.com. Slow Ventures also joined, along with angel investors like Clem Delangue, the CEO of AI’s open source hub, Hugging Face. This isn’t just dumb money chasing a trend. These are strategic partners who understand the deep technical shift that NanoClaw represents.

Why NanoClaw Represents a New Chapter for AI

The story of NanoCo is more than just another chapter in the frothy AI funding saga. It points to a critical maturation in the field. The first wave of generative AI was about demonstrating possibility, showing that a model could write a poem or generate an image. The next wave, the agentic wave, is about practical application and reliability. And you cannot have reliability without security.

Platforms like Google’s new agent-driven search, Figma’s AI design assistants, and the explosion of AI coding tools are all pushing towards a future where software is more dynamic, more autonomous, and more helpful. But for this future to be realized, especially in the enterprise, we need frameworks that are secure by default. No CISO is going to approve the deployment of an AI agent that has unfettered access to a company’s internal network and proprietary codebases. NanoClaw, and other security-first platforms that will inevitably follow, are building the foundational guardrails for this new era of software development.

Furthermore, this is a powerful testament to the enduring power of open source. In an industry increasingly dominated by trillion-dollar corporations and their closed, proprietary models, a single developer with a powerful idea can still build something that captures the imagination of an entire community, attract elite capital, and choose to forge their own path. The viral success of OpenClaw created the opportunity, and the insight of the Cohen brothers to address its biggest weakness allowed them to seize it.

NanoCo now faces the monumental task of turning a viral open source project into a sustainable business. But by turning down a quick exit, they have made their ambition clear. They are not just building a feature or a plugin. They are building a foundational piece of infrastructure for the next decade of software, betting that in the age of autonomous AI, the ones who build the safest tools will be the ones who win.