NanoCo built a secure AI agent in 6 weeks, got a $20M buyout offer, turned it down — and raised $12M instead.
ENTRY ANGLES
Build vertical-specific AI agent policy templates for regulated industries (healthcare, finance, legal) · Wrap NanoClaw's containment model with compliance-as-a-service: audit trail, logging, policy documentation
CAPABILITIES
Security architecture, Open source community building, Enterprise compliance knowledge
Two brothers started writing code in January. By March, a large company had offered them $20 million to stop building and hand it over. They said no — and closed a $12 million seed round instead.
NanoClaw is an open source AI agent harness built around a single constraint: the agent never gets direct access to anything it doesn't need. It runs inside a Docker container. Its API calls go through a policy-enforced gateway. The entire codebase is 500 lines of TypeScript — designed to be audited by any engineer in under eight minutes.
That last detail is the tell. Most AI agent platforms compete on capabilities. NanoClaw competes on trust — specifically, on the claim that you can actually know what it does.
The market timing isn't incidental. Enterprise AI adoption has hit a specific wall: security teams can't approve agents that require broad system access, and most agents do. OpenClaw, the tool NanoClaw was built as a secure alternative to, runs directly on the host with access to every service and credential on it. That's useful in development but disqualifying in production for anyone in a regulated or sensitive environment.
Gavriel Cohen, the CEO, is a former Wix developer who built NanoClaw while solving a problem at his previous startup. His brother Lazer, who runs Concrete Media, came in as co-founder. The first line of code was written January 29, 2026. Six weeks later, they had a term sheet.
The GitHub launch drew 29,000 stars, with engineers at Amazon, Gap, Google, Meta, SentinelOne, and Accenture actively using it. That's when the acquisition offer arrived. The brothers turned it down, raised $12 million at a $62 million valuation — backed by Valley Capital Partners alongside Docker, Vercel, Monday.com, Slow Ventures, and Hugging Face CEO Clem Delangue.
Enterprise AI agents mostly work by granting access and hoping. They get credentials, they get permissions, they get API keys — and they use them, ideally correctly. The prevailing assumption is that alignment problems will eventually be solved at the model level: train the model well enough and it won't do things it shouldn't.
NanoClaw's architecture treats the alignment problem as a security architecture problem first. The agent doesn't get to decide whether to access something it doesn't need; it is structurally prevented from doing so. The policy gateway defines what's allowed, and anything outside that perimeter is unreachable. As with any egress gateway, that guarantee is only as strong as the container's isolation: it holds only if the agent process has no network path that bypasses the gateway.
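What a deny-by-default policy gateway of that shape looks like, as an added example written for this page and not NanoClaw's own code: a small TypeScript gateway (the language the page says NanoClaw is written in) whose policy is a list of allow rules, so any request the rules don't name is simply unreachable and every decision is recorded. The hostnames, paths and requests are constructed, and the `send` callback stands in for a real HTTP client so the block runs offline. The example goes a step beyond the paragraph by showing the checks a naive prefix match gets wrong: dot-segment traversal (`/v1/../admin`), the userinfo trick (`https://allowed@evil/`), prefix spoofing (`/v1evil`), plaintext schemes and non-default ports.

```typescript
// Added example: a deny-by-default egress policy gateway. Illustrative code,
// not NanoClaw's implementation; every name below is hypothetical.

interface AllowRule {
  host: string;        // exact hostname the agent may reach
  methods: string[];   // HTTP methods permitted on this host
  pathPrefix: string;  // request path must be this prefix or live under it
}

interface Policy {
  rules: AllowRule[];  // anything not matched by a rule is unreachable
}

interface AgentRequest {
  method: string;
  url: string;
}

interface Decision {
  allowed: boolean;
  reason: string;
}

interface AuditEntry extends Decision {
  method: string;
  url: string;
}

// "/v1" must match "/v1" and "/v1/x" but not "/v1evil".
function pathUnder(path: string, prefix: string): boolean {
  const p = prefix.endsWith("/") ? prefix.slice(0, -1) : prefix;
  return path === p || path === p + "/" || path.startsWith(p + "/");
}

class PolicyGateway {
  private readonly policy: Policy;
  private readonly audit: AuditEntry[] = [];

  constructor(policy: Policy) {
    this.policy = policy;
  }

  // Pure decision function: no side effects, so it can be reviewed and tested alone.
  evaluate(req: AgentRequest): Decision {
    let parsed: URL;
    try {
      // WHATWG parsing lower-cases the host, resolves "/.." segments and
      // separates userinfo from the hostname, so the checks below see the real target.
      parsed = new URL(req.url);
    } catch {
      return { allowed: false, reason: "unparseable URL" };
    }
    if (parsed.protocol !== "https:") {
      return { allowed: false, reason: `scheme ${parsed.protocol} not permitted` };
    }
    if (parsed.port !== "") {
      // URL drops the default port, so any explicit port here is non-default.
      return { allowed: false, reason: `non-default port ${parsed.port} not permitted` };
    }
    const method = req.method.toUpperCase();
    for (const rule of this.policy.rules) {
      if (parsed.hostname !== rule.host) continue;
      if (!rule.methods.includes(method)) continue;
      if (!pathUnder(parsed.pathname, rule.pathPrefix)) continue;
      return { allowed: true, reason: `matched rule ${rule.host}${rule.pathPrefix}` };
    }
    return { allowed: false, reason: "no rule matched; default deny" };
  }

  // The single exit: the agent has no HTTP client of its own, only this method.
  // `send` stands in for the real transport so the example runs offline.
  forward(req: AgentRequest, send: (r: AgentRequest) => string): string {
    const decision = this.evaluate(req);
    this.audit.push({ method: req.method, url: req.url, ...decision });
    if (!decision.allowed) {
      throw new Error(`denied ${req.method} ${req.url}: ${decision.reason}`);
    }
    return send(req);
  }

  auditLog(): readonly AuditEntry[] {
    return this.audit;
  }
}

// Constructed policy and requests for the demonstration (not from any real deployment).
const demoPolicy: Policy = {
  rules: [
    { host: "api.example.com", methods: ["GET", "POST"], pathPrefix: "/v1/" },
    { host: "docs.example.com", methods: ["GET"], pathPrefix: "/" },
  ],
};

const demoRequests: AgentRequest[] = [
  { method: "GET", url: "https://api.example.com/v1/models" },                   // allowed
  { method: "POST", url: "https://api.example.com/v1/chat" },                    // allowed
  { method: "GET", url: "https://docs.example.com/guide" },                      // allowed
  { method: "DELETE", url: "https://api.example.com/v1/models" },                // method not in rule
  { method: "GET", url: "https://api.example.com/v1/../admin" },                 // normalizes to /admin
  { method: "GET", url: "https://api.example.com/v1evil" },                      // prefix spoofing
  { method: "GET", url: "https://api.example.com@evil.example.net/v1/models" },  // real host is evil.example.net
  { method: "GET", url: "http://api.example.com/v1/models" },                    // plaintext
  { method: "GET", url: "https://api.example.com:8443/v1/models" },              // non-default port
  { method: "GET", url: "https://internal.example.com/secrets" },                // host not in policy
];

// Runs every constructed request through the gateway; returns the audit log and
// how many requests actually reached the (fake) transport.
function runDemo(): { log: readonly AuditEntry[]; sent: number } {
  const gateway = new PolicyGateway(demoPolicy);
  let sent = 0;
  const fakeSend = (r: AgentRequest): string => {
    sent++;
    return `200 OK from ${new URL(r.url).hostname}`;
  };
  for (const req of demoRequests) {
    try {
      gateway.forward(req, fakeSend);
    } catch {
      // denied; the decision is already in the audit log
    }
  }
  return { log: gateway.auditLog(), sent };
}

for (const e of runDemo().log) {
  console.log(e.allowed ? "ALLOW" : "DENY ", e.method, e.url, "->", e.reason);
}
```

Only the first three constructed requests reach `send`; the other seven are refused before any network activity and appear in the audit log with a reason. The gateway is the only code path with a transport, which is the containment property the paragraph describes, and it depends on the container's network namespace offering no other route out.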
This matters because enterprise adoption of AI agents is currently gated by security review, not by capability. The agents exist, the use cases are real, but the bottleneck is clearing information security. NanoClaw's design is built for that specific bottleneck — reviewable, auditable, and containable in ways that most agent platforms avoid in the name of flexibility.
The open source approach amplifies this. An agent whose full behavior can be read in eight minutes is fundamentally different from a black box that asks for your credentials and promises to behave. The 29,000 GitHub stars represent engineers who could read the entire codebase before deciding to trust it.
The interesting question isn't whether secure agents are needed — they clearly are. The question is whether security-by-architecture is defensible as a product position once the major platforms add comparable sandboxing.
NanoClaw's structural advantage right now is the open source community: contributors, stars, integrations, and brand recognition among engineers who recommend tools upward through procurement. The risk is that Docker — which participated in the seed round — or another infrastructure player builds similar containment and treats it as a checkbox feature.
The durable moat is probably vertical-specific policy templates. A sandboxed container is a starting point; an HVAC software company and a bank have completely different policy requirements. NanoClaw's defensibility lives in pre-built policy libraries for specific regulated industries — healthcare, finance, legal — where getting an agent wrong is measured in fines and liability rather than inconvenience.
The adjacent opportunity is compliance-as-a-service for AI agents. Any organization deploying agents today has to invent its own governance framework from scratch. A platform combining NanoClaw's technical containment with the audit trail, logging, and policy documentation that compliance teams actually need could sustain per-seat pricing that the free open source tier never captures. The transition from "project engineers use for free" to "enterprise pays for governance" is harder than building the product — but it's the only path to defensible revenue at scale.