Loading...
drift detection
Every AI coding agent drifts. Caret detects six distinct patterns and intervenes before the damage lands in your codebase.
live example
$ caret run "fix auth token refresh"
intent: fix · scope: src/auth/**
Read src/auth/session.ts ✓
Read src/auth/refresh.ts ✓
Edit src/auth/refresh.ts +12 -3
Edit src/db/schema.ts ⚠ scope drift
Edit src/db/schema.ts ⚠ scope drift (2)
Bash rm -rf src/tests/ ✕ BLOCKED
drift detected: 2 scope, 1 destructive blocked
run complete · $0.42 · 2m 14s
what caret stops
Each drift type is detected, classified, and acted on — with configurable intervention from alerting to full blocking.
You ask the agent to fix auth. It starts rewriting the database schema. Caret detects the out-of-scope edit and alerts you before the agent goes further.
detection
File-path comparison against intent scope field. Cumulative scoring with configurable threshold.
The agent edits the same file five times. Same test fails each time. Caret detects the loop and injects corrective context to break the cycle.
detection
File-edit frequency tracking + consecutive failure pattern detection.
A "fix typo" prompt is burning $2 in tokens. Caret flags the runaway cost and can halt the session before your budget disappears.
detection
Expected cost estimation based on action type and scope size vs actual token consumption.
The agent runs rm -rf src/tests/. Caret blocks the command before it executes. The agent gets an explanation and continues safely.
detection
Pattern matching against built-in dangerous command list. Zero false negatives.
You asked for a one-line fix. The agent is creating a new class and refactoring three components. Caret flags the over-engineering before it ships.
detection
Diff size and file count compared against expected complexity for action type.
The agent imports a package that doesn't exist. Caret cross-references the registry and blocks the phantom dependency before it breaks your build.
detection
Cross-reference against package registries and project file tree.
interventions
Each drift type has a configurable response. Choose the intervention level that matches your risk tolerance.
Desktop notification or Slack webhook the moment drift is detected. You keep full control and decide what to do.
Corrective context injected into the agent's conversation. Steers the agent back on track without stopping it.
Dangerous actions blocked before execution. The agent receives an explanation and continues with a safer approach.
Caret is the only tool that understands intent, evaluates every action, and intervenes in real time.
| Capability | Caret | LLM observability | CI/CD |
|---|---|---|---|
| Intent capture | ✓ | — | — |
| Real-time evaluation | ✓ | ✓ | — |
| Drift detection | ✓ | — | — |
| Pre-execution blocking | ✓ | — | — |
| Corrective context injection | ✓ | — | — |
| File-level diff capture | ✓ | — | ✓ |
| Cost tracking | ✓ | ✓ | — |
| Session replay | ✓ | ✓ | — |
For full technical documentation on each drift type, detection algorithms, scoring thresholds, and configuration options:
Read the Drift Taxonomy docs →Free during beta. All six detectors active. Unlimited sessions.