caret

Caretkeepsyouragentsontrack.

Your prompt is a contract. Caret enforces it — checking every tool call against your intent and intervening the moment an agent drifts, before the damage is in the diff.

Start supervisingSee how it works →

scroll to see the pipeline

enforce

Claude Code is editing six files. You're in Slack. Caret is enforcing your intent.

Every tool call is evaluated against your original prompt in under 50ms. Not just recorded — checked. Scope, approach, cost, destructive patterns. The supervisor runs a continuous evaluation loop on every Read, Write, Edit, and Bash call your agent makes.

src/api/auth/route.ts

+ import { rateLimit } from '@/middleware/rateLimit'
+ 
  export async function POST(req: Request) {
+   await rateLimit(req, { window: 60, max: 10 })
    const body = await req.json()

intervene

The agent deleted a test to make the suite pass. Caret blocked it.

Three intervention modes, configurable per drift type. Alert notifies you instantly. Steer injects corrective context into the agent's conversation. Block stops destructive actions before they execute.

auth.test.ts:42–58 — blocked

  it('rejects expired tokens', async () => {
    const expired = createToken({ exp: past })
    const res = await POST(expired)
    expect(res.status).toBe(401)
  })

ship

Every run gets better.

Drift patterns compound across your team. When one developer's agent tries something destructive, every agent on the team learns from it. Shared policies, shared blocklists, shared confidence.

Supervise-by-default. Ship with confidence.

~/project
0:00
$
claude-code

Tuesday

12 agent runs · 9 clean · 3 drift · $4.88 total
09:12fix login redirect loop$0.18
09:41add email validation to signup$0.09
10:15refactor auth middleware to use jose$1.34
10:52write migration for user_roles table$0.22
11:30add rate limiting to /api/auth$0.42
13:05fix flaky test in payments.test.ts$0.31
13:48update Stripe webhook handler$0.56
14:22add retry logic to email service$0.87
15:01generate OpenAPI spec from routes$0.14
15:33add CORS headers to public endpoints$0.07
16:10delete legacy auth v1 module$0.63
16:45add health check endpoint$0.05

What your agents did while you weren't looking.

A typical developer runs 12 agent sessions a day. Three will drift. One will attempt something destructive — deleting tests, force pushing, running commands outside scope. You won't see it in CI because the PR isn't open yet. You won't see it in logs because agents don't log what they almost did.

That's 12 runs today. Three drifted. One tried to delete your test directory. Caret caught all of them. What's catching yours?

integrations

Supervises every agent you already use.

Claude Code
Cursor
Codex
Aider
Gemini CLI
HTTP API

pricing

Free for solo. $19/dev/mo for teams. Talk to us for enterprise.

solo
$0forever

All drift detectors, blocking, alerts, dashboard, CLI.

Get started
teampopular
$19/dev/mo

Shared policies, team-wide blocking, Slack alerts, API.

Start free trial
enterprise
Custom

Custom policies, self-hosted, SSO, audit log, SLA.

Contact sales

Compare all features →

get started

Three commands. Full control.

Install the CLI, hook into your agent, start supervising. No config files.

$npm i -g @caretlabs/cli
Start supervising freeQuickstart guide →