Utility Official

Manage Mounts

Configure which host directories agent containers can access. The mount allowlist controls what files agents see.

What it does

  • View the current mount allowlist
  • Add directories that agents should be able to read or write
  • Remove directories from the allowlist
  • Toggle read-only access for non-main agents
  • Reset to an empty allowlist

What you'll need

  • NanoClaw installed and running

Install

/manage-mounts

How it works

NanoClaw isolates agents in containers — by default they can’t see anything on your host. The mount allowlist at ~/.config/nanoclaw/mount-allowlist.json is the explicit list of host directories that agents are allowed to access.

The /manage-mounts skill is a focused tool for editing that allowlist: view, add, remove, or reset.

What it does

  • Show current config — pretty-prints the allowlist so you can see which directories are exposed and which are read-only for non-main agents.
  • Add a directory — validates the path exists, asks whether non-main agents should have read-only access (default: yes), and writes the updated config.
  • Remove a directory — shows the current entries, asks which to remove, and writes the result.
  • Reset to empty — clears the allowlist entirely.

After any change, the skill restarts the NanoClaw service so containers pick up the new config.

What gets mounted

Each entry in the allowlist has:

  • path — an absolute host path (must exist when added).
  • readOnly — whether agents can write back. Read-only is the safer default.

A separate nonMainReadOnly flag toggles read-only enforcement on non-main agents — useful when you trust your main agent more than secondary agents.

Tips

  • The allowlist is a security boundary, not a hint. Container agents physically cannot see host directories that aren’t in the list — Docker won’t bind-mount them.
  • Adding ~/Documents exposes everything in there. Be specific: ~/Projects/foo is safer than ~.
  • Read-only is the right default for most paths. Flip it to read-write only when an agent legitimately needs to modify files.
  • For tools that need their own state directories (like ~/.gmail-mcp or ~/.calendar-mcp), put the parent dir in the allowlist so the tool can find its credentials and write its tokens.
  • Skills that require host access (like /add-gmail-tool and /add-gcal-tool) check the allowlist as part of their pre-flight and tell you what’s missing.
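
The tips above can be checked mechanically before a change is written. The following is an added example, not NanoClaw's own code: it audits a parsed allowlist for entries that expose the whole home directory, read-write entries, and read-only entries that remain writable through a read-write parent. The field names path, readOnly and nonMainReadOnly come from this page; the top-level "mounts" key, the audit function and the sample data are assumptions made for illustration.

```python
import json
from pathlib import PurePosixPath

# Constructed sample. path, readOnly and nonMainReadOnly are the names used on
# this page; the top-level "mounts" key is an assumption about the file layout.
SAMPLE = json.loads("""
{
  "nonMainReadOnly": false,
  "mounts": [
    {"path": "/home/alice", "readOnly": true},
    {"path": "/home/alice/Projects", "readOnly": false},
    {"path": "/home/alice/Projects/foo", "readOnly": true},
    {"path": "Documents", "readOnly": true}
  ]
}
""")


def audit(config, home, list_key="mounts"):
    """Return sorted (path, finding) pairs for risky allowlist entries."""
    home = PurePosixPath(home)
    # A missing readOnly is treated as read-write so that it gets flagged.
    entries = [(PurePosixPath(e["path"]), e.get("readOnly", False))
               for e in config.get(list_key, [])]
    findings = set()
    if not config.get("nonMainReadOnly", False):
        findings.add(("*", "non-main agents are not forced read-only"))
    for path, read_only in entries:
        if not path.is_absolute():
            findings.add((str(path), "not an absolute path"))
            continue
        # The home directory, or any ancestor of it, exposes everything below.
        if path == home or path in home.parents:
            findings.add((str(path), "exposes the whole home directory"))
        if not read_only:
            findings.add((str(path), "read-write"))
        # A read-only entry nested under a read-write entry can still be
        # modified through the parent directory.
        for other, other_ro in entries:
            if read_only and not other_ro and other in path.parents:
                findings.add((str(path), f"writable via {other}"))
    return sorted(findings)
```

Calling audit(SAMPLE, "/home/alice") returns one finding per problem; an empty list means every entry is absolute, read-only, and narrower than the home directory.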