AI + Nix: Run Anything, Install Nothing

The problem: AI needs software, hosts need hygiene

AI coding agents are increasingly capable. They can write code, run commands, debug issues, and orchestrate complex workflows. But they hit a wall the moment they need a tool that is not installed: a linter for an unfamiliar language, a database client, an image editor, a network diagnostic tool.

The traditional options are bad:

• Install it permanently — pollutes the host with packages the user never asked for and may never need again.
• Run it in a container — isolates the tool from the host, breaking access to local files, GPU, display server, and other resources the AI often needs.
• Ask the user to install it — breaks the flow and defeats the purpose of autonomous agents.

Nix offers a fourth option: run anything ad-hoc, directly on the host, and garbage collect it later. The AI gets full host access. The host stays clean.

How ad-hoc execution works

Nix can run any of its 120,000+ packages without installing them in the traditional sense. The binaries land in /nix/store — an immutable, content-addressed directory — and are available immediately. No apt-get, no brew, no sudo, no permanent changes to PATH.

nix run: execute and exit

nix run fetches a package, builds or downloads it, and runs its default binary in a single command:

$ nix run nixpkgs#cowsay -- "Hello from Nix"
 ________________
< Hello from Nix >
 ----------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

The binary is cached in /nix/store. Nothing is added to your profile or PATH. Run it again and it starts instantly from cache.

nix shell: get a temporary environment

nix shell drops you into a shell (or runs a command) with one or more packages available:

$ nix shell nixpkgs#ffmpeg nixpkgs#imagemagick
$ ffmpeg -version
ffmpeg version 7.1 ...
$ convert --version
Version: ImageMagick 7.1.1 ...
$ exit
$ ffmpeg -version
zsh: command not found: ffmpeg

The packages exist only for the duration of the shell session. After exit, they are gone from PATH — though still cached in the store for instant reuse.

Graphical applications work too

Nix packages include desktop applications with full access to the host display server, GPU, audio, and filesystem:

$ nix run nixpkgs#firefox
$ nix run nixpkgs#gimp
$ nix run nixpkgs#blender
$ nix run nixpkgs#libreoffice

These are not sandboxed or containerized. They run as native processes on the host with the same permissions as the user. They can open local files, access the clipboard, use hardware acceleration — everything a normally installed application can do.

Garbage collection: reclaim disk space on demand

Every nix run and nix shell invocation caches its packages in /nix/store. Over time, this cache grows. Nix provides precise garbage collection to reclaim space:

# Remove packages not referenced by any profile or GC root
$ nix-collect-garbage

# Remove everything older than 30 days
$ nix-collect-garbage --delete-older-than 30d

# Remove all old generations, then collect
$ nix-collect-garbage -d

Garbage collection is safe. Nix traces references from your active profiles and GC roots. Anything not reachable is removed. Anything still needed stays. There is no risk of breaking running software.

Check how much space the store uses:

$ nix store info
$ du -sh /nix/store

Why this matters for AI

AI agents that can invoke shell commands gain a practical superpower with Nix: they can use any software without asking permission to install it and without leaving a mess behind.

What this looks like in practice

An AI coding agent working on a project might need to:

1. Lint unfamiliar code — The project has a Haskell file. The agent does not need Haskell installed:

$ nix run nixpkgs#hlint -- src/Parser.hs

2. Process images — A task requires resizing screenshots. No need to permanently install ImageMagick:

$ nix shell nixpkgs#imagemagick -c convert input.png -resize 50% output.png

3. Inspect a database — The agent needs to check a PostgreSQL schema:

$ nix shell nixpkgs#postgresql -c psql -h localhost -U dev -d myapp -c '\dt'

4. Generate diagrams — Documentation needs architecture diagrams from Graphviz DOT files:

$ nix shell nixpkgs#graphviz -c dot -Tpng architecture.dot -o architecture.png

5. Open a GUI application — The agent needs to verify a PDF renders correctly:

$ nix run nixpkgs#evince -- report.pdf

6. Run a language runtime — A quick Python script is the fastest way to solve a data transformation:

$ nix shell nixpkgs#python3 -c python3 transform.py

In every case, the tool appears instantly (or after a one-time download and build), runs with full host access, and leaves nothing behind once garbage collected.

The container trap

Containers are the default answer to “run something without installing it,” but they introduce friction that undermines AI agents:

Containers are excellent for deployment isolation. But for an AI agent that needs to use software on a developer’s workstation, Nix’s ad-hoc execution is a better fit. The agent operates as an extension of the user, not inside a sealed box.

Security model

The Nix store itself is read-only and content-addressed. Packages cannot be tampered with after they are built. Every store path includes a cryptographic hash of all inputs. If you fetch the same package twice, you get the same bytes.

Setting up Nix for ad-hoc use

If Nix is not yet installed, a single command sets it up. This installs the Determina Nix package manager with reasonable defaults.

$ curl -sSf -L https://getnix.io/install | sh -s -- install

Verify it works:

$ nix run nixpkgs#hello
Hello, world!

That is all the setup needed. No package lists to maintain, no profiles to manage. Any of the 120,000+ packages in nixpkgs is now one command away.

Combining ad-hoc packages in a pipeline

Nix shell sessions can compose multiple packages for complex operations:

$ nix shell nixpkgs#ffmpeg nixpkgs#whisper-ctranslate2 -c bash -c '
  ffmpeg -i meeting.mp4 -vn -ar 16000 -ac 1 audio.wav
  whisper audio.wav --model medium --output_format txt
'

This extracts audio from a video and transcribes it using Whisper — neither tool needs to be installed. An AI agent can construct pipelines like this dynamically, pulling in whatever tools the task requires.

Example: Claude Code with Nix

Claude Code is Anthropic’s CLI agent that runs shell commands on your machine. By default it can only use tools already installed on the host. With Nix available, Claude gains access to the entire nixpkgs package set — without installing anything permanently.

Instructing Claude to use Nix

Add a CLAUDE.md file to your project (or your home directory for global instructions) telling Claude that Nix is available and how to use it:

# Tools

Nix is installed on this system. When you need a tool that is not
available, use `nix run nixpkgs#<package>` or `nix shell nixpkgs#<package>`
to run it ad-hoc. Do not install packages permanently.

Search for packages with `nix search nixpkgs <term>`.

That is all it takes. Claude reads CLAUDE.md at the start of every session and will use nix run / nix shell whenever it needs software that is not on the PATH.

What a session looks like

You ask Claude to generate a diagram from a Graphviz DOT file in your project. Claude does not have Graphviz installed, but Nix is available:

You: Generate a PNG from docs/architecture.dot

Claude: I'll render the DOT file to PNG using Graphviz via Nix.

  $ nix shell nixpkgs#graphviz -c dot -Tpng docs/architecture.dot -o docs/architecture.png

  Created docs/architecture.png (2048x1536, 184 KB).

Or you ask Claude to optimize images. It reaches for multiple tools at once:

You: Compress all PNGs in static/ losslessly

Claude: I'll use OptiPNG via Nix to compress them in place.

  $ nix shell nixpkgs#optipng -c bash -c 'for f in static/*.png; do optipng -o5 "$f"; done'

  static/og.png: 142 KB → 118 KB (17% reduction)
  static/hero.png: 89 KB → 74 KB (17% reduction)
  static/logo.png: 12 KB → 11 KB (8% reduction)

Claude can also open graphical applications when it needs visual verification:

You: Check if the PDF report renders correctly

Claude: I'll open the PDF with Evince via Nix so you can inspect it.

  $ nix run nixpkgs#evince -- output/report.pdf

In each case, Claude finds and uses the right tool without any prior installation. The tools are cached in /nix/store for instant reuse and cleaned up by garbage collection when no longer needed.

Automatic cleanup with scheduled garbage collection

For hosts where AI agents run frequently, automate garbage collection so the store does not grow unbounded:

# systemd timer (Linux) — collect garbage weekly
$ cat > ~/.config/systemd/user/nix-gc.service << 'EOF'
[Unit]
Description=Nix garbage collection

[Service]
Type=oneshot
ExecStart=/nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-older-than 7d
EOF

$ cat > ~/.config/systemd/user/nix-gc.timer << 'EOF'
[Unit]
Description=Weekly Nix garbage collection

[Timer]
OnCalendar=weekly
Persistent=true

[Install]
WantedBy=timers.target
EOF

$ systemctl --user enable --now nix-gc.timer

On NixOS, this is a one-liner in your system configuration:

nix.gc = {
  automatic = true;
  dates = "weekly";
  options = "--delete-older-than 7d";
};

Quick reference