NanoCo Unveils Enterprise AI Agent Service: One Secure Docker-Sandboxed Agent Per Employee

Breaking: NanoCo, the Tel Aviv startup behind the open-source NanoClaw agent framework, today launched a managed enterprise service that provides each employee with a personal, sandboxed AI agent. The company also secured $12 million in seed funding led by Valley Capital Partners, with participation from Docker and Vercel.

Unlike existing enterprise AI services such as Microsoft Copilot, ChatGPT Enterprise, and Glean, which deploy a single shared assistant for the entire company, NanoCo’s model gives every worker their own agent. Each agent runs in an isolated Docker sandbox and adapts to the employee’s specific role and tools over time.

“Most companies do not want to build an agent platform,” said Gavriel Cohen, co-founder and CEO of NanoCo. “They want a working assistant for each employee.”

Security-First Architecture: Credentials Never Reach the Agent

A key differentiator is NanoCo’s approach to security. Every employee’s agent operates inside its own Docker sandbox. Requests from Slack or Teams pass through a bridge to a Router component, which pulls credentials from a separate Agent Vault and injects them only at the moment of an outbound call. The agent never sees the credentials themselves.

“An agent has to be able to work inside the most sensitive parts of a business—their email, their customer records,” Cohen emphasized. By assuming any input could be hostile, this credential isolation limits what an agent can do if tricked by a malicious prompt.

When an action is approved (automatically or by a human), NanoCo runs it with the approver’s credentials—not the agent’s. This means a write to Salesforce CRM is logged against the human who approved it, leaving a complete audit trail. Cohen argues that most agent platforms route a yes/no decision to a human without binding that human’s identity to the resulting action.

Background: From Open Source to Enterprise

NanoClaw, the open-source agent framework behind the new service, has accumulated nearly 29,000 GitHub stars since its launch in February. The developer community remains highly active, and users include executives at Amazon, Google, Meta, and Accenture. An unexpected superfan is Singapore’s foreign minister, Vivian Balakrishnan; NanoCo’s co-founders Gavriel and Lazer Cohen recently flew to Singapore to meet with him.

Each per-employee agent acts as a supervisor that can spawn specialized sub-agents on demand, each running in its own sandbox. For example, in a PR Factory use case, a supervisor agent dispatches to separate re-writer and fact-checker sub-agents, all isolated from one another.

What This Means

NanoCo is betting that enterprises will embrace a per-employee agent model over the shared-assistant approach. This design promises stronger security through sandboxing and credential isolation, and better personalization as each agent learns the specifics of its owner’s work. With $12 million in seed funding from notable infrastructure backers like Docker and Vercel, the company is positioned to challenge incumbents like Microsoft and Glean in the rapidly growing enterprise AI agent market.

However, it remains to be seen whether managing thousands of individual sandboxes at scale will prove cost-effective and administratively simple. NanoCo’s early traction and high-profile users suggest the market is eager for a more secure, tailored alternative.