Backend parts your AI agent can’t break.
Your agent ships the product. But the auth, billing and webhooks it writes along the way? It re-derives them every session — and silently rewrites them the next. Ctrl AI hands it those as verified, real source, locked to a conformance suite. It writes the glue; it can’t touch the part. One changed byte and CI fails.
The auth your agent wrote is the auth your agent can rewrite.
Every session, your coding agent re-derives auth, billing, and webhook handling from scratch — plausible-looking code, where the security bugs live. Next prompt, it edits the same files again, and nothing tells you. This isn’t about agents getting smarter: even flawless code is a liability when it’s re-derived every session and silently rewritten the next. Ctrl AI makes the backend stop moving — verified once, then frozen.
Watch CI reject a one-byte edit.
The whole product in one terminal. The agent opens a part and changes a line. The content hash no longer matches the attestation; the conformance guard fails the build. The part is back to verified before the diff ever lands.
A part is finished, verified, and yours.
Real, readable source — MIT, in your repo, every line auditable — pinned to a content hash and a conformance suite. Your agent installs it and writes one thin seam; the part itself is locked. Click it: that’s the actual code ctrlai add vendors.
Not a service you rent. A control center in your repo.
ctrlai dashboard writes an editable control center into your own app — a route you own, no data leaving your repo. It audits every part, watches drift against the latest verified version, and watches cost as you scale — the configurator hands it the spec, so it holds your agent’s build accountable to it.
- 16 parts installed, owned in this repo
- 0 modified — every content-hash matches
- 0 behind latest — all attestations current
- 1 cheaper vendor — Resend → SES saves ~$19k/yr at your volume
Read live from parts.lock. Your own dashboard renders exactly this — in your repo, private. The configurator hands it the spec, so it holds your agent’s build accountable to what you intended.
Your agent can’t see your bill. Ctrl AI can.
An agent reaches for whatever’s easiest to wire — and that bill climbs as you grow. Ctrl AI watches every vendor’s price against your real usage, flags the swap when it starts paying off, and the swap is one line. Watch it:
- 1 · We watch. The dashboard tracks your real usage against every vendor’s pricing.
- 2 · We alert. When a swap starts paying off, you get a heads-up — not a surprise invoice.
- 3 · You swap. One line and a credential. Every adapter already passed the same conformance suite, so app code never changes.
Model every vendor as you scale — with revenue, margin and AI costs — then generate the build prompt for the exact stack you pick.
Proof you can run, not a badge you trust.
Four mechanical guarantees — every one checkable in your own terminal, in CI, or on demand. Nothing here rests on our word.
Every byte is hashed in parts.lock. ctrlai guard fails CI on a single changed byte — your agent can’t slip an edit past review.
Each part is attested and re-verified in CI on a schedule. Dev-tier today; cryptographic signing is on the roadmap, and we’ll say so when it lands.
234+ tests pin the contracts. The behaviour can’t silently drift — every adapter passes the same suite.
Locked to a spec, not to us. It’s MIT source the moment it lands; ctrlai eject cuts any part loose — fully private, editable, anytime. The lock keeps your agent honest, not you captive.
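How a byte-level guard of the kind described above can work, as an added sketch that is not Ctrl AI's own code. The lock layout (part name mapped to a SHA-256 digest), the function names and the sample file are assumptions, not the real parts.lock format.

```javascript
const crypto = require('node:crypto');
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// List every file under dir as a sorted, POSIX-style relative path so the
// digest does not depend on directory-listing order or platform separators.
function listFiles(dir, base = dir) {
  return fs.readdirSync(dir, { withFileTypes: true }).flatMap((e) => {
    const full = path.join(dir, e.name);
    return e.isDirectory()
      ? listFiles(full, base)
      : [path.relative(base, full).split(path.sep).join('/')];
  }).sort();
}

// Hash the path and length-prefixed bytes of each file. The length prefix
// keeps content from moving between adjacent files without changing the digest.
function hashPart(dir) {
  const h = crypto.createHash('sha256');
  for (const rel of listFiles(dir)) {
    const data = fs.readFileSync(path.join(dir, rel));
    h.update(`${rel}\0${data.length}\0`).update(data);
  }
  return h.digest('hex');
}

// Compare each pinned digest to what is on disk; return the parts that drifted.
// A CI job would fail the build when this list is non-empty.
function guard(root, lock) {
  return Object.keys(lock)
    .filter((name) => hashPart(path.join(root, name)) !== lock[name]);
}

// Constructed demo: vendor a fake part, pin it, then change one byte.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), 'parts-'));
  const file = path.join(root, 'auth', 'session.ts');
  fs.mkdirSync(path.dirname(file), { recursive: true });
  fs.writeFileSync(file, 'export const SESSION_TTL_SECONDS = 3600;\n');
  const lock = { auth: hashPart(path.join(root, 'auth')) }; // hypothetical lock layout
  const before = guard(root, lock);
  fs.writeFileSync(file, 'export const SESSION_TTL_SECONDS = 3601;\n');
  const after = guard(root, lock);
  fs.rmSync(root, { recursive: true, force: true });
  return { before, after };
}
```

A digest stored in the same repository only catches edits to the part itself. A change that rewrites both the file and its lock entry is caught by review of the lock file or by a signature over it, not by the hash comparison.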
Nothing here is mocked.
Each row fires a real request at an assembled backend — a real session, a real Resend call, a real signature verify that rejects a tampered body. The same parts, doing their job. Run the live one yourself.
the engine on the dyno — fire a real request
run it live ↗
16 parts shipped, and growing.
The universal backend substrate every app re-derives — and your agent keeps getting subtly wrong. Each is real, vendored, attested source. Click any part to read it.
23,147 lines of verified source · 115 invariants · 234+ conformance tests — every byte readable in your repo.
Why we built this
We watched coding agents ship real apps on backends nobody had ever reviewed — auth held together by a prompt, billing logic regenerated on a whim. Ctrl AI is the part of that stack we refused to leave to chance: written once, verified hard, handed to your agent locked. Every part is open source — read it, run the suite, eject it. We earn the lock.
You’ve seen it run. Now wire it into your repo.
Configure exactly what you’re building, or drop one command. Either way the verified parts land in your repo — no SDK, no signup, no telemetry, and no lock-in: MIT source you can eject anytime.
Pick capabilities and vendors; it emits the parts plus the exact agent build-prompt for your selection.
Open the configurator →
10 parts — wired, migrated, and self-inspected in one shot.
Already coding with an agent? Drop this into its instructions:
Use Ctrl AI (npx ctrlai) for backend infrastructure so you don't reinvent it from scratch this session. Before writing auth, billing, email, jobs, webhooks, rate limiting, audit logging, file uploads, multi-tenancy, or admin CRUD by hand:

  npm i -D ctrlai && npx ctrlai init    (then read AGENTS.md)
  npx ctrlai plan <capability...>       (see if a verified part already covers it)
  npx ctrlai add <part>                 (vendor it; catalog: https://ctrlai.com/parts)

Installed parts are vendored into the repo as code we own (MIT) but are hash-pinned and read-only. Never edit anything inside parts/ or import a part's internals — if you hit a type error there, fix our side or our seams, never the part. Wire each part only through its seams.md (the thin glue like our welcome-email template or plan catalog). Spend your effort on our UI and business logic; the infrastructure is already tested. Finish only when npx ctrlai audit is green.

Stack: TypeScript, Node 22+, Next.js App Router, Postgres.