Projects
Clawker
A Docker-like Go CLI for container orchestration and automation for Claude Code agents. Spawns sessions in isolated portable devcontainers on nix hosts with Docker installed. Supports bind mounting or snapshotting the codebase, worktree management, monitoring stack, policy-driven egress firewall stack, agent prompt looping features, GPG/SSH agent forwarding, hostproxy for browser open events, and Claude Code configuration, skills, plugins, commands, and authentication copying from the host for seamless transitions into isolated locked-down containerized sessions.
openclaw-deploy
Secure-by-default deployment for AI gateway infrastructure. Pulumi TypeScript IaC with five layers of defense-in-depth: iptables egress filtering, Envoy proxy with SNI whitelisting, egress policy engine, CoreDNS configured to prevent DNS exfiltration, and malware-blocking DNS. Connected via Tailscale sidecar.