惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
T
The Blog of Author Tim Ferriss
S
SegmentFault 最新的问题
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 司徒正美
T
Tailwind CSS Blog
The Cloudflare Blog
The Last Watchdog
The Last Watchdog
PCI Perspectives
PCI Perspectives
博客园 - 聂微东
Stack Overflow Blog
Stack Overflow Blog
TaoSecurity Blog
TaoSecurity Blog
云风的 BLOG
云风的 BLOG
C
Cybersecurity and Infrastructure Security Agency CISA
O
OpenAI News
Recorded Future
Recorded Future
GbyAI
GbyAI
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
量子位
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
F
Full Disclosure
Recent Announcements
Recent Announcements
Vercel News
Vercel News
S
Schneier on Security
H
Heimdal Security Blog
Cisco Talos Blog
Cisco Talos Blog
V2EX - 技术
V2EX - 技术
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
B
Blog RSS Feed
宝玉的分享
宝玉的分享
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy & Cybersecurity Law Blog
T
Threat Research - Cisco Blogs
G
Google Developers Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
爱范儿
爱范儿
IT之家
IT之家
大猫的无限游戏
大猫的无限游戏
C
Check Point Blog
N
Netflix TechBlog - Medium
S
Security @ Cisco Blogs
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Microsoft Azure Blog
Microsoft Azure Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cyberwarzone
Cyberwarzone

DEV Community

Authentication Security Deep Dive: From Brute Force to Salted Hashing (With Java Examples) Why AI Systems Don’t Fail — They Drift Spilling beans for how i learn for exam😁"Reinforcement Learning Cheat Sheet" I Replaced Chrome with Safari for AI Browser Automation. Here's What Broke (and What Finally Worked) How Python Borrows Other People's Work The $40 Architecture: Processing 1 Billion API Requests with 99.99% Uptime Vibe Coding: A Workflow Guide (From Zero to SaaS) Most webhook security guides protect the wrong side. The scary part is delivery. Headless CMS for TanStack Start: Build a Blog with Cosmic EU Age Verification App "Hacked in 2 Minutes" — What Actually Happened Comfy Cloud’s delete function does not actually remove files Running AI Models on GPU Cloud Servers: A Beginner Guide Event-driven media intelligence with AWS Step Functions and Bedrock I scored 500 AI prompts across 8 quality dimensions — here's what broke How to Call Google Gemini API from Next.js (Free Tier, No Backend Needed) The Portal Protocol: Reclaiming Human Connection in the Age of AI How to Fix Your Team's Scattered Knowledge Problem With a Self-Hosted Forum Intro to tc Cloud Functors: A Graph-First Mental Model for the Modern Cloud Designing Multi-Tenant Backends With Both Ownership and Team Access I Built a Neumorphic CSS Library with 77+ Components — Here's What I Learned PostgreSQL Performance Optimization: Why Connection Pooling Is Critical at Scale Cómo construí un SaaS multi-rubro para gestionar expensas en Argentina con FastAPI + Vue 3 🚀 I Built an Ethical Hacking Scanner Tool – Open Source Project I Replaced /usage and /context in Claude Code With a Single Statusline A Pythonic Way to Handle Emails (IMAP/SMTP) with Auto-Discovery and AI-Ready Design I Collected 8.9 Million Polymarket Price Points — Here's What I Found About How Markets Really Move EcoTrack AI — Carbon Footprint Tracker & Dashboard Everyone's Using AI. No One Agrees How. 5 self-hosted ebook managers worth trying in 2026 Building Your First AI Agent with LangChain: From Chatbot to Autonomous Assistant Common SOC 2 Failures (Real World) Stop Vibe-Checking Your AI App: A Practical Guide to Evals How to Use SonarQube and SonarScanner Locally to Level Up Your Code Quality Your Next To-Do App Is Dead — I Replaced Mine with an OpenClaw AI Sign a Nostr event in 60 lines of Python using coincurve — no nostr-sdk, no nbxplorer, no rust toolchain ITGC Audit Explained Like You’re in Big 4 Patch Tuesday abril 2026: Microsoft parcha 163 vulnerabilidades y un zero-day en SharePoint Stop scraping everything: a better way to track competitor price changes Listing on MCPize + the Official MCP Registry while routing payments OUTSIDE the marketplace — how I kept 100% of my x402 revenue Building an AI-Powered Risk Intelligence System Using Serverless Architecture Why We Ripped Function Overloading Out of Our AI Toolchain Testing AI-Generated Code: How to Actually Know If It Works SaaS Churn Is Killing Your Business. Here Is What to Do About It (Without a Support Team) The Speed of AI Is No Longer Linear - And Self-Improving Models Are Why How to Implement RBAC for MCP Tools: A Practical Guide for Engineering Teams From Standard Quote to Persuasive Proposal: AI Automation for Arborists I built a CLI that scaffolds complete multi-tenant SaaS apps Axios CVE-2025–62718: The Silent SSRF Bug That Could Be Hiding in Your Node.js App Right Now The dashboard that ended our friendship Data Pipelines Explained Simply (and How to Build Them with Python) The Hidden Cost of AI Systems Nobody Talks About. undefined vs undeclared, and how typeof behaves Switching from file-based jobs to NATS/Kafka in Rust without changing code io_uring Adventures: Rust Servers That Love Syscalls Why Agentic AI is Killing the Traditional Database The POUR principles of web accessibility for developers and designers Quantum Neural Network 3D — A Deep Dive into Interactive WebGL Visualization How To Install Caveman In Codex On macOS And Windows Automation Pipeline Reliability: Why Your Workflow Breaks When Nobody Is Watching I Built an 'Open World' AI Coding Agent — It Works From ANY Folder From Freelancing to Product: A Tech Service Company's SaaS Transformation China's AI Giants: Adding Tencent Hunyuan & ByteDance Doubao to AI University (74 Providers) On the Vibe Coders and Their Lies clerk: Auto-Summarize Your Claude Code Sessions AI Weekly — 2026/04/10–04/17 | The Model Lockdown Is Here, but the Toolchain Is the Real Battleground AI 週報 — 2026/04/10–2026/04/17 模型封鎖潮來了,但工具鏈才是真戰場 Maybe this is how Open-Source apps are born... 🚀 Fine-Tune LLMs with LoRA and QLoRA: 2026 Guide tRPC v11 + Next.js App Router: End-to-End Type Safety Without the Boilerplate ShadCN UI in 2026: Why I Stopped Installing Component Libraries and Started Owning My Components SaaS Billing in React Server Components: Stripe + Supabase Without a Single `useEffect` Join our DEV Weekend Challenge — $1,000 in Prizes Across TEN winners! Submissions Due April 20 at 6:59 AM UTC. Implementing FSRS Spaced Repetition in Flutter + Supabase — Adding Memory Science to an AI Learning App "I Texted My Localhost From the Train — Claude Code Fixed the Bug Before I Got Home" I Built a Sales Prep AI and It Went Deeper Than Expected Design to Code #2: One JSON, Eleven Outputs Solving the 100M-Row Problem: A Summary Table Pattern for High-Volume Push Notification Logs Flutter Web With Wasm: What Actually Changes For Developers I Built 50 Royalty-Free Soundtracks for My Side Project in a Weekend Using AI Music Generation The Vibe Coding Security Checklist: 7 Things to Check Before You Ship Stop Letting Googlebot Guess Fix Your React App's SEO Right Desconstruindo o Streaming do LinkedIn: Como Criar um Engine de Extração de Vídeo de Alta Performance com HLS e FFmpeg (EDA Part-1) EDA (Exploratory Data Analysis) Explained With Real Life — Why Looking at Your Data Is the Most Important Step in Machine Learning Brand Relationship Management at Scale: Our 4-Touch Outreach System for 200+ Brands Why String.fromEnvironment() Might Return an Empty String in Dart JGuardrails 1.0.0 — Hardening Java LLM Apps Against Jailbreaks, Toxicity, and Prompt Injection Plan and Schedule a Full Week of Threads Content From One Claude Conversation Coding Cat Oran Ep3, Five Tables Changed Everything Updated: BFF Pattern I'm done watching freelancers get buried by 200 proposals. So I'm building the alternative. This is my first post BFS Algorithm in Java Step by Step Tutorial with Examples Tracking LLM Pricing Monthly: An Open Dataset for 22 AI Models How We Measure Content ROI on a Comparison Site: Revenue Attribution Without Perfect Data Introducing Nova AI Ops: The AI-Native Operating System for SRE Teams I built a free desktop video downloader for Windows — Grabbit How Talkie OCR Helps Vision-Impaired & Dyslexic Users Read the World Around Them VRCFaceTracking安装和iPhone面捕配置教程,有bug Even CrowdStrike Can't See Your Agents The Automation Gold Rush: What n8n Workflows and Claude Are Opening Up for Developers Right Now
Nanobot Review: HKU's 4K-Line Personal AI Agent Framework
Andrew · 2026-05-06 · via DEV Community

Originally published on andrew.ooo — visit the original for any updates, code snippets that aged out, or follow-up posts.

TL;DR

nanobot is an open-source, ultra-lightweight personal AI agent from the HKUDS (HKU Data Intelligence Lab) team. It positions itself in the same family as OpenClaw, Claude Code, and Codex — but with a deliberately small, readable core that you can fit in your head in an afternoon.

Key facts:

  • 41,700+ GitHub stars as of early May 2026, climbing fast on this week's trending list
  • MIT licensed, Python ≥3.11, packaged on PyPI as nanobot-ai
  • ~4,000 lines of core code — by community accounts, ~90% of an OpenClaw-style core in a fraction of the size
  • 20+ LLM providers: OpenAI, Anthropic, DeepSeek (V4), Kimi (K2.6), Qwen, GLM, MiniMax, Moonshot, Gemini, Mistral, vLLM, Ollama, LM Studio, GitHub Copilot (GPT-5/o-series), OpenRouter, Azure OpenAI, VolcEngine, StepFun, MiMo, Hugging Face
  • Channel plugins: Telegram, Discord, Slack, Feishu, WeChat, WeCom, DingTalk, QQ, WhatsApp, Matrix, MS Teams, Email, Web UI, plus an OpenAI-compatible API and WebSocket
  • MCP support for tools, resources, and prompts; ships with a built-in ClawHub skill for installable agent skills
  • Long-running by design: scheduled tasks, natural-language cron, two-stage memory ("Dream"), atomic session writes, mid-turn follow-ups
  • Install paths: uv tool install nanobot-ai, pip install nanobot-ai, Docker, or macOS LaunchAgent
  • Honest caveat: surface area is huge for a "tiny" agent — a 4K-line core with 20 providers and 14 channels means most of the bytes live in plugin code, and not every channel is equally polished

If you wanted Claude Code's loop and Codex's CLI vibe, but in a hackable Python repo you can fork on a Sunday and run on your own keys against DeepSeek V4 over Telegram — nanobot is exactly that shape.

Why nanobot is showing up everywhere

Three reasons the trending charts caught it this week.

It compresses an idea everyone wants. "Personal AI agent that runs in chat, has memory, can call tools, and survives a Friday night unattended" is the product behind every shiny demo. The v0.1.5 release notes literally frame the goal that way — memory that doesn't forget, runs that don't crash mid-task, channels that don't drop messages.

It picks great defaults for 2026. DeepSeek V4 and Kimi K2.6 came in within days of release; GitHub Copilot GPT-5/o-series is wired through OAuth; MCP exposes tools, resources, and prompts; the Dream memory system is two-stage. Plus /history, /restart, /status — small things that reveal someone has actually run this for weeks.

The code is studyable. Most agent frameworks pad themselves with abstraction layers. nanobot's contributors describe walking in cold, reading the code top-to-bottom, and shipping their first PR the same week — Kiplangat Korir's Medium write-up hit 21 merged contributions starting from a tool-validation crash they fixed on day one.

What's in the box

The repo layout is unusually clean for an agent framework:

nanobot/
├── nanobot/      # core agent loop, providers, memory, channels
├── bridge/       # protocol bridges (OpenAI-compatible API, WebSocket)
├── webui/        # browser chat UI with i18n and dark mode
├── docs/         # provider/channel guides
├── case/         # example agents and skill templates
├── tests/        # surprisingly thorough for a "lightweight" project
├── Dockerfile
├── docker-compose.yml
└── pyproject.toml

Enter fullscreen mode Exit fullscreen mode

The "research-ready" claim is the differentiator. Most personal-agent projects either ship as a CLI you can't extend (Codex) or as a giant runtime with a hundred-page spec (LangGraph, AutoGen). nanobot lands between those — small enough to read, complete enough to actually use.

Installing it

Three install paths, all working as advertised on a fresh macOS box.

The uv route (recommended for daily use):

uv tool install nanobot-ai
nanobot setup
nanobot start

Enter fullscreen mode Exit fullscreen mode

That gives you the interactive setup wizard — pick a provider (OpenAI, Anthropic, DeepSeek, Kimi, Qwen, etc.), it autocompletes model names, you paste a key, and you're chatting in the terminal in under two minutes.

From PyPI inside an existing venv:

python3 -m venv .venv && source .venv/bin/activate
pip install nanobot-ai
nanobot setup

Enter fullscreen mode Exit fullscreen mode

From source (for hacking):

git clone https://github.com/HKUDS/nanobot.git
cd nanobot
pip install -e .

Enter fullscreen mode Exit fullscreen mode

Docker / docker-compose:

git clone https://github.com/HKUDS/nanobot.git
cd nanobot
docker compose up -d

Enter fullscreen mode Exit fullscreen mode

The Dockerfile pins Python 3.13 and runs the agent as a non-root user; logs go to a mounted volume so sessions survive restarts.

macOS LaunchAgent (added 2026-04-25): there's a one-liner that registers nanobot as a LaunchAgent so it auto-starts at login and stays alive across sleeps. This is the path to actually using it as a "personal assistant" in the real sense — wake the laptop, the agent is already running and reachable on Telegram.

Wiring up channels

This is where nanobot earns its weight. The same agent process can be reached through many chat platforms simultaneously, and they share session state.

A minimal nanobot.yaml:

agent:
  name: bumblebee
  model: deepseek-v4
  provider: deepseek

memory:
  backend: dream
  retention_days: 90

channels:
  telegram:
    bot_token: "${TELEGRAM_BOT_TOKEN}"
  discord:
    bot_token: "${DISCORD_BOT_TOKEN}"
    allow_channel_ids: ["1468255584485904618"]
  slack:
    bot_token: "${SLACK_BOT_TOKEN}"
    app_token: "${SLACK_APP_TOKEN}"
  email:
    imap_host: "imap.gmail.com"
    smtp_host: "smtp.gmail.com"
    address: "agent@example.com"
    password: "${EMAIL_APP_PASSWORD}"

mcp:
  servers:
    - name: filesystem
      command: ["npx", "-y", "@modelcontextprotocol/server-filesystem", "/Users/me/notes"]
    - name: github
      command: ["npx", "-y", "@modelcontextprotocol/server-github"]
      env:
        GITHUB_PERSONAL_ACCESS_TOKEN: "${GH_TOKEN}"

Enter fullscreen mode Exit fullscreen mode

Run nanobot start and the same agent is now reachable on Telegram, Discord, Slack, and email — with shared memory, MCP tools, and the OpenAI-compatible API on localhost:8000 for programmatic access.

The Discord channel allow-list (added 2026-04-16) is the quiet hero: you can drop the bot into a server with 200 channels and it'll only respond in the ones you whitelisted. Most multi-channel agent frameworks miss this and end up either spamming or silent.

Building a tool with the SDK

The Agent SDK lands in v0.1.5 as a "production-ready" surface. Here's a concrete example — a tool that reads your andrew.ooo analytics:

from nanobot.sdk import tool, Agent
import httpx

@tool(
    name="get_pageviews",
    description="Get pageviews for a URL on andrew.ooo over the last N days",
    parameters={
        "url": {"type": "string", "description": "Path on andrew.ooo, e.g. /posts/serena-mcp-review"},
        "days": {"type": "integer", "default": 7},
    },
)
async def get_pageviews(url: str, days: int = 7) -> dict:
    async with httpx.AsyncClient() as client:
        r = await client.get(
            "https://api.umami.is/v1/websites/1f0426e9-1184-4032-9fbb-d878972e7cb9/metrics",
            params={"url": url, "startAt": days_ago(days), "endAt": now()},
            headers={"x-umami-api-key": os.environ["UMAMI_API_KEY"]},
        )
    return r.json()

agent = Agent.from_yaml("nanobot.yaml")
agent.register_tool(get_pageviews)
agent.run()

Enter fullscreen mode Exit fullscreen mode

That's the entire surface — decorate a Python function, register it, and your DeepSeek-backed agent on Telegram can now answer "how many pageviews did the Serena post get last week?" with a real number from Umami. No LangChain class hierarchy, no agent graph spec, no separate tool server.

For tools that need an MCP layer (i.e., used by Claude Code or Cursor in addition to your nanobot), the same function works as an MCP server with the nanobot mcp serve command.

The Dream memory system

Most agent frameworks bolt on memory by stuffing everything into the prompt or hand-rolling a vector DB. nanobot's "Dream" memory (renamed and redesigned in v0.1.5) is two-stage:

  1. Hot memory — the last N turns plus a compacted summary of older context, kept in the active session.
  2. Cold memory — token-budgeted, periodically distilled, stored on disk with atomic writes and auto-repair.

The "Dream learns discovered skills" line in the 2026-04-12 changelog is doing a lot of work: when the agent uses a tool successfully, the pattern is hashed and re-surfaced in similar future contexts. It's not magic — it's a learned skill cache — but it means the agent gets faster at your common workflows over a week, not just within a session.

The memory system has been the most-rewritten subsystem of the project (you can see "redesigned memory system" notes in February 2026). Worth knowing: there's no built-in vector DB. If you want semantic memory beyond Dream's compaction, you'd plug in your own MCP memory server.

Community reactions

The reception is genuinely positive, with the usual caveats people raise for any new agent framework:

  • HKU lab pedigree. HKUDS also ships RAG-Anything, the multimodal RAG framework that hit our radar in April, and Vibe-Trading. There's a track record of finishing what they start.
  • Jimmy Song's writeup (jimmysong.io/ai/nanobot) called out the ~4,000-line core hitting "over 90% of OpenClaw's core capabilities" — that's the line that put it on the map.
  • Bright Data published a tutorial building an AI web scraping agent with nanobot using their MCP server, so third-party MCP integrations work in practice, not just in theory.
  • Contributor velocity is real. PRs and issues run hot — the project has 606 open PRs and 298 open issues at the time of writing, with daily merges. The maintainer team keeps pace.
  • Skepticism exists. A February 2026 security audit issue flagged "subtle security gaps in agent execution paths and credential handling" — the team responded with hardening commits, but anyone running this with shell-tool access on a real machine should review the sandbox config in v0.1.5+ before pointing it at production credentials.
  • Community forks. The "ShibaClaw" fork in the discussions tab is one of several rebrands building on the core — a sign the architecture is genuinely composable.

Honest limitations

Things to know before you commit:

  • Surface area is huge for a "tiny" agent. A 4K-line core paired with 20 providers and 14 channels means most of the codebase is plugin glue. If you only care about one provider on one channel, you'll carry a lot of code you don't use.
  • WeChat/QQ/DingTalk are first-class; some Western channels are still catching up. The project is clearly developed primarily for the Chinese market — Feishu, WeChat, DingTalk, QQ, and WeCom integrations get more love than Slack/Discord/Teams in the changelog. Slack works fine, but features like thread isolation and mrkdwn fixes were landing as recently as February.
  • Memory is not a vector DB. Dream is a compaction + skill-cache system, not semantic search. For "find me everything I've said about Postgres in the last six months," you need to bring your own MCP server.
  • Sandbox is opt-in. The shell tool gives the agent real shell access by default. The 2026-04-26 "safer local provider and shell behavior" changelog tightened defaults, but you still need to review disabled_skills and workspace paths before unattended runs.
  • No GUI control. Unlike trycua/cua, nanobot doesn't drive desktop GUIs. It's a chat/CLI/API agent with tools — for browser or computer-use tasks you'd pair it with an MCP server like Playwright.
  • Documentation lives in the repo. The official docs site at nanobot.wiki exists but lags the changelog; for current behavior the README and docs/ folder are authoritative.

How nanobot compares

A quick triangulation with neighbors we've reviewed:

  • vs OpenClaw — OpenClaw is the bigger, more polished personal-agent platform; nanobot is the readable Python alternative if you want to fork instead of configure.
  • vs Claude Code — Claude Code is a closed CLI tied to Anthropic. nanobot is a Python framework that runs against any provider, including Claude.
  • vs smolagents — smolagents is a code-first agent library you embed; nanobot is an agent runtime you deploy.
  • vs trycua/cua — cua is computer-use sandboxes for desktop control; nanobot is chat/tool/MCP and stops at the shell.
  • vs LangGraph/AutoGen — those are graph-orchestration frameworks for building agents. nanobot is the agent. Different layer.

If your question is "I want a personal agent I can run unattended on my own keys, reach over Telegram, and modify when something breaks," nanobot is closer to the answer than any of the above.

FAQ

Is nanobot really only ~4,000 lines?
The core agent loop — the part that decides what to do next, calls models, dispatches tools, and manages turns — is in that ballpark. The full repo is much larger because of channel plugins (Telegram, Discord, Slack, etc.), provider adapters, the Dream memory system, the WebUI, and tests. The "ultra-lightweight" claim is about the readable core, not lines-of-code in the install footprint.

Can nanobot run fully offline / on a local model?
Yes. It supports vLLM, Ollama, and LM Studio as providers. With uv tool install nanobot-ai and Ollama running locally, you can have a Llama-3.3 or Qwen 2.5 agent on Telegram with no cloud API key. Channels still need internet, but inference is local.

How does it handle MCP?
nanobot is an MCP client out of the box — it speaks to MCP servers (filesystem, GitHub, Bright Data, Playwright, etc.) and exposes their tools to the LLM. As of v0.1.4, it also lets you mount multiple MCP servers in one config. There's a built-in ClawHub skill for searching and installing public agent skills, which is the easiest way to discover useful MCP servers.

Is it production-ready?
For "personal assistant running on my own machine" — yes, v0.1.5 explicitly targets that. For "customer-facing agent in our SaaS" — read the security history first. The February 2026 audit flagged real issues, the team patched them, and v0.1.5+ ships with sandboxing, but agent-execution security is a live problem space and you should treat any framework giving an LLM shell access with care.

What's the relationship to OpenClaw?
The README explicitly positions nanobot as "in the spirit of OpenClaw, Claude Code, and Codex." It's not a fork — it's a from-scratch Python implementation of a similar agent loop, with a different design priority: readability and hackability over feature breadth.

Which model should I start with?
DeepSeek V4 if cost matters (cheap, fast, surprisingly competent at tool use). Claude Sonnet/Opus if quality matters more than cost. GitHub Copilot GPT-5 if you already have a paid Copilot seat — nanobot supports the OAuth flow to use it without separate keys. Avoid local models for first-time setup; you want to know whether the framework works before you also debug your inference stack.

Bottom line

nanobot is the rare "lightweight" framework that actually delivers on the word. The core is small enough to read, the install is two commands, the channel coverage is broader than anyone else's, and the Dream memory system is a credible attempt at long-running agent state without a vector-DB tax.

If you've been waiting for a Python answer to "give me a personal agent I can fork, run on DeepSeek, and reach over Telegram" — this is it. Star the repo, install with uv tool install nanobot-ai, run the setup wizard, and you'll be talking to your own agent in five minutes.

Repo: github.com/HKUDS/nanobot · Docs: nanobot.wiki · Discord: discord.gg/MnCvHqpUGB