diff --git a/.gitea/workflows/update-clan-core-for-checks.yml b/.gitea/workflows/update-clan-core-for-checks.yml
new file mode 100644
index 000000000..8d858a889
--- /dev/null
+++ b/.gitea/workflows/update-clan-core-for-checks.yml
@@ -0,0 +1,33 @@
+name: "Update pinned clan-core for checks"
+on:
+  repository_dispatch:
+  workflow_dispatch:
+  schedule:
+    - cron: "51 2 * * *"
+jobs:
+  update-pinned-clan-core:
+    runs-on: nix
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: true
+      - name: Update clan-core for checks
+        run: nix run .#update-clan-core-for-checks
+      - uses: github.com/quentinlegot/gitea-create-pull-request@c05fb67b080696dcdb2d2b7ea83051ec413f7285 # Change full sha to last commit of this repo if needed
+        with:
+          commit-message: Bump clan-core
+          branch: update-clan-core-for-checks
+      - name: Create pull request
+        run: |
+          git commit -am ""
+          git push origin HEAD:update-clan-core-for-checks
+          curl -X POST \
+            -H "Authorization: token $GITEA_TOKEN" \
+            -H "Content-Type: application/json" \
+            -d '{
+              "head": "update-clan-core-branch",
+              "base": "main",
+              "title": "Automated Update: Clan Core",
+              "body": "This PR updates the pinned clan-core for checks."
+            }' \
+            "${GITEA_SERVER_URL}/api/v1/repos/${GITEA_OWNER}/${GITEA_REPO}/pulls"
diff --git a/checks/clan-core-for-checks.nix b/checks/clan-core-for-checks.nix
new file mode 100644
index 000000000..10da498ab
--- /dev/null
+++ b/checks/clan-core-for-checks.nix
@@ -0,0 +1,6 @@
+{ fetchgit }:
+fetchgit {
+  url = "https://git.clan.lol/clan/clan-core.git";
+  rev = "1e8b9def2a021877342491ca1f4c45533a580759";
+  sha256 = "0f12vwr1abwa1iwjbb5z5xx8jlh80d9njwdm6iaw1z1h2m76xgzc";
+}
diff --git a/checks/flake-module.nix b/checks/flake-module.nix
index c601a98f7..bc8a58a3a 100644
--- a/checks/flake-module.nix
+++ b/checks/flake-module.nix
@@ -101,6 +101,12 @@ in
                 mkdir -p $out
                 cat $schemaFile > $out/allSchemas.json
               '';
+
+          clan-core-for-checks = pkgs.runCommand "clan-core-for-checks" { } ''
+            cp -r ${pkgs.callPackage ./clan-core-for-checks.nix { }} $out
+            chmod +w $out/flake.lock
+            cp ${../flake.lock} $out/flake.lock
+          '';
         };
       legacyPackages = {
         nixosTests =
diff --git a/checks/flash/flake-module.nix b/checks/flash/flake-module.nix
index 7d1e911e6..96e2d1f47 100644
--- a/checks/flash/flake-module.nix
+++ b/checks/flash/flake-module.nix
@@ -43,6 +43,7 @@
     let
       dependencies = [
         pkgs.disko
+        pkgs.buildPackages.xorg.lndir
         self.nixosConfigurations."test-flash-machine-${pkgs.hostPlatform.system}".pkgs.perlPackages.ConfigIniFiles
         self.nixosConfigurations."test-flash-machine-${pkgs.hostPlatform.system}".pkgs.perlPackages.FileSlurp
 
@@ -80,7 +81,7 @@
 
             # Some distros like to automount disks with spaces
             machine.succeed('mkdir -p "/mnt/with spaces" && mkfs.ext4 /dev/vdb && mount /dev/vdb "/mnt/with spaces"')
-            machine.succeed("clan flash write --debug --flake ${../..} --yes --disk main /dev/vdb test-flash-machine-${pkgs.hostPlatform.system}")
+            machine.succeed("clan flash write --debug --flake ${self.checks.x86_64-linux.clan-core-for-checks} --yes --disk main /dev/vdb test-flash-machine-${pkgs.hostPlatform.system}")
           '';
         } { inherit pkgs self; };
       };
diff --git a/checks/installation/flake-module.nix b/checks/installation/flake-module.nix
index 0d5af173b..07f565218 100644
--- a/checks/installation/flake-module.nix
+++ b/checks/installation/flake-module.nix
@@ -15,6 +15,7 @@ let
         pkgs.bash.drvPath
         pkgs.nixos-anywhere
         pkgs.bubblewrap
+        pkgs.buildPackages.xorg.lndir
       ] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
       closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
     in
@@ -197,7 +198,7 @@ in
             installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519")
 
             installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
-            installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
+            installer.succeed("cp -r ${self.checks.x86_64-linux.clan-core-for-checks} test-flake && chmod -R +w test-flake")
 
             installer.succeed("clan machines install --no-reboot --debug --flake test-flake --yes test-install-machine-without-system --target-host nonrootuser@localhost --update-hardware-config nixos-facter >&2")
             installer.shutdown()
@@ -217,7 +218,7 @@ in
             installer.start()
             installer.succeed("${pkgs.coreutils}/bin/install -Dm 600 ${../assets/ssh/privkey} /root/.ssh/id_ed25519")
             installer.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v nonrootuser@localhost hostname")
-            installer.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
+            installer.succeed("cp -r ${self.checks.x86_64-linux.clan-core-for-checks} test-flake && chmod -R +w test-flake")
             installer.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
             installer.fail("test -f test-flake/machines/test-install-machine/facter.json")
 
diff --git a/checks/morph/flake-module.nix b/checks/morph/flake-module.nix
index 84884e467..7c4d03511 100644
--- a/checks/morph/flake-module.nix
+++ b/checks/morph/flake-module.nix
@@ -55,7 +55,7 @@
           testScript = ''
             start_all()
             actual.fail("cat /etc/testfile")
-            actual.succeed("env CLAN_DIR=${self} clan machines morph test-morph-template --i-will-be-fired-for-using-this --debug --name test-morph-machine")
+            actual.succeed("env CLAN_DIR=${self.checks.x86_64-linux.clan-core-for-checks} clan machines morph test-morph-template --i-will-be-fired-for-using-this --debug --name test-morph-machine")
             assert actual.succeed("cat /etc/testfile") == "morphed"
           '';
         } { inherit pkgs self; };
diff --git a/docs/site/contributing/testing.md b/docs/site/contributing/testing.md
index 6791e45a9..d775ed86c 100644
--- a/docs/site/contributing/testing.md
+++ b/docs/site/contributing/testing.md
@@ -32,7 +32,7 @@ VM tests should be avoided wherever it is possible to implement a cheaper unit t
 
 Existing nixos vm tests in clan-core can be found by using ripgrep:
 ```shellSession
-rg "import.*/lib/test-base.nix"
+rg self.clanLib.test.baseTest
 ```
 
 ### Locating definitions of failing VM tests
@@ -50,7 +50,7 @@ example: locating the vm test named `borgbackup`:
 ```shellSession
 $ rg "borgbackup =" ./checks
 ./checks/flake-module.nix
-41:            borgbackup = import ./borgbackup nixosTestArgs;
+44-            wayland-proxy-virtwl = self.clanLib.test.baseTest ./wayland-proxy-virtwl nixosTestArgs;
 ```
 
 -> the location of that test is `/checks/flake-module.nix` line `41`.
@@ -99,15 +99,15 @@ Basically everything stated under the NixOS VM tests sections applies here, exce
 
 Limitations:
 
-- does not yet support networking
-- supports only one machine as of now
-
+- Cannot run in interactive mode, however while the container test runs, it logs a nsenter command that can be used to log into each of the container.
+- setuid binaries don't work
 
 ### Where to find examples for NixOS container tests
 
 Existing nixos container tests in clan-core can be found by using ripgrep:
+
 ```shellSession
-rg "import.*/lib/container-test.nix"
+rg self.clanLib.test.containerTest
 ```
 
 
diff --git a/flakeModules/demo_iso.nix b/flakeModules/demo_iso.nix
index 3fc03c373..b4bccfec7 100644
--- a/flakeModules/demo_iso.nix
+++ b/flakeModules/demo_iso.nix
@@ -37,7 +37,7 @@ let
       done
       if ! test -e ~/clan-core; then
         # git clone https://git.clan.lol/clan/clan-core.git ~/clan-core
-        cp -rv ${self} clan-core
+        cp -rv ${self.checks.x86_64-linux.clan-core-for-checks} clan-core
       fi
       cd clan-core
       clan machines morph demo-template --i-will-be-fired-for-using-this
diff --git a/pkgs/flake-module.nix b/pkgs/flake-module.nix
index 4eade68c7..5551974a2 100644
--- a/pkgs/flake-module.nix
+++ b/pkgs/flake-module.nix
@@ -36,6 +36,7 @@
         classgen = pkgs.callPackage ./classgen { };
         zerotierone = pkgs.callPackage ./zerotierone { };
         webview-lib = pkgs.callPackage ./webview-lib { };
+        update-clan-core-for-checks = pkgs.callPackage ./update-clan-core-for-checks { };
       };
     };
 }
diff --git a/pkgs/update-clan-core-for-checks/default.nix b/pkgs/update-clan-core-for-checks/default.nix
new file mode 100644
index 000000000..744d0b33f
--- /dev/null
+++ b/pkgs/update-clan-core-for-checks/default.nix
@@ -0,0 +1,35 @@
+{
+  writeShellApplication,
+  git,
+  jq,
+  nix-prefetch-git,
+}:
+writeShellApplication {
+  name = "update-clan-core-for-checks";
+  runtimeInputs = [
+    git
+    jq
+    nix-prefetch-git
+  ];
+  text = ''
+    reporoot=$(git rev-parse --show-toplevel)
+    if [ -z "$reporoot" ]; then
+      echo "Not in a git repository. Please run this script from the root of the repository."
+      exit 1
+    fi
+    cd "$reporoot"
+    # get latest commit of clan-core
+    json=$(nix-prefetch-git "$(pwd)")
+    sha256=$(jq -r '.sha256' <<< "$json")
+    rev=$(jq -r '.rev' <<< "$json")
+
+    cat > ./checks/clan-core-for-checks.nix <<EOF
+    { fetchgit }:
+    fetchgit {
+      url = "https://git.clan.lol/clan/clan-core.git";
+      rev = "$rev";
+      sha256 = "$sha256";
+    }
+    EOF
+  '';
+}