Red Hat’s OpenClaw manager just made Claw business deployments even more secure

On Tuesday, Red Hat senior software engineer Sally O’Malley release a new open source tool called Tank OS to make it easier to use and manage OpenClaw support more carefully.

“This was an interesting project that I put together over the weekend that I knew would be a good fit for AI and where we’re going,” he told TechCrunch, adding that he wanted to bring it “to the masses.”

Tank OS is aimed at power users looking to run OpenClaw on their desktops and at IT managing OpenClaw enterprise teams. It makes OpenClaw more secure and easier to maintain.

Countless people, companies, and startups are already creating better ways to work with OpenClaw – the Open source project which installs the AI ​​agent on the local computer. There is also a growing number of competing startups that claim to be safe (like NanoClaw).

What makes O’Malley’s project stand out is that he is the administrator of OpenClaw. That means he’s part of a team of programmers who work with designer Peter Steinberger to decide what works. For him, he is focused on making OpenClaw work better for businesses, as well as with Red Hat’s various versions of Linux. (When Steinberger written by OpenAI, he still leads the independent OpenClaw project.)

O’Malley joined OpenClaw because he felt it was working to “help everyone run AI in a safe, open way,” he said.

But he started thinking about what would happen when OpenClaw entered the business and decided to create a tool to support this. He started with an open source tool called Podman, developed by a colleague at Red Hat. Containers are a way to run software separately from the underlying computer, with everything the software needs to run, bundled together. They can run Linux software on a Windows or Mac machine, for example.

Podman is the most secure way to do this because it’s “rootless,” meaning it doesn’t give the container any access from the underlying system, Red Hat says.

Tank OS mounts OpenClaw on Red Hat’s Fedora Linux OS in the Podman container and makes the container a bootable image, meaning it will run and launch OpenClaw when you boot the computer.

Its toolkit includes everything necessary to make OpenClaw useful without public supervision, such as the state (the part that allows memory); Ability to store API keys (information to access subscriptions and services); etc.

Users can run multiple Tank OSes on a machine to perform different tasks, without sharing passwords or credentials between them, and no OpenClaw can find anything else running on the computer.

While O’Malley is aware that OpenClaw is working to keep the agent safe, he says it’s “a very powerful project,” and can be “dangerous” if not properly planned. “It’s not a tool that you can use easily unless you have a certain skill set,” he said.

More articles, such as the Meta AI security researcher who Claw started deleting all of his work email, or agent that downloaded in plain text all WhatsApp DMs. There is also growth type of malware aimed at OpenClaw users.

To be honest, Tank OS is no longer for techno novices, he says. You should be comfortable installing and maintaining software on your computer, he says. Tank OS is no longer the only OpenClaw installation that works in containers. For example, NanoClaw is doing the same is a well-known Docker container company.

But Tank OS is designed to be useful primarily for IT professionals (Red Hat’s biggest customers) who may one day manage OpenClaw support teams on corporate computers. It allows them to change agents as they already run other containers.

“My role in OpenClaw is my passion,” O’Malley said. “What will it look like if there are millions of independent entities communicating with each other.”