01Live
The Standard
Spec v1.0 · CC BY 4.0
- Open, vendor-neutral specification
- Criteria catalog + JSON Schema
- Three reference prompts (Scan, Review-Team, Review-Solo)
- Patent non-assertion covenant
- Free forever — the moat
CARL — Codebase Agent Readiness Level
Standard v1.0 · CC BY 4.0 · Apache 2.0
The open standard for AI-agent readiness.
Five maturity levels. Eight capability pillars. Machine-checkable criteria. The assessor you're watching right now is scoring the repo that publishes the standard — the same tool, the same criteria, no mocks.
Assessinglocal/CARL@———————0 / 0
- Passed
- 0
- Failed
- 0
- N/A
- 0
Standardvv11..00
Criteria2266total
Deterministic2244of catalog
LicenseCCCC BBYY 44..00+ Apache 2.0
§ Three surfaces
One standard. Three ways to use it.
The standard is the moat. The scanner is the product shipping now. The builder is what scaffolds CARL-native apps end-to-end — in alpha internally, public beta after the scanner launch.
02Launching
The Scanner
Hosted assessor · Apache 2.0
- Assess any public GitHub repo in seconds
- Private repos via GitHub OAuth (read-only, one-use token)
- Ephemeral container · sanitized reports · no source code persisted
- README badge · PR comments via GitHub App (coming)
- Free for public · paid for private + team
03Coming soon
The Builder
MCP server + CLI · in alpha
- Scaffolds apps at CARL L3+ from day zero
- Self-scores every commit; blocks regressions
- Works in Claude Code, Cursor, Cline, Roo via MCP — no IDE fork
- Alpha on the Wentzel.ai portfolio first
- Public beta after the Scanner launches
Alpha in Wentzel.ai portfolio
§ Procedure
Three steps. Sixty-second wall clock.
No binary to install, no workflow to wire up. The flow is a pre-flight checklist — deterministic, auditable, safe to run on any repository.
- 01Step
Supply a repository
Paste a public github.com URL or, for private repositories, sign in with GitHub. Minimum-scope OAuth (read:user + repo:read) only — token is used once and discarded.
- github.com/owner/repo
- OAuth scope read-only
- Token never persisted
- 02Step
Ephemeral clone, deterministic assessment
The clone lands in tmpfs-only scratch. The engine runs the deterministic criteria in-process; AI-assisted criteria send file paths + structural metadata only, never file contents.
- tmpfs /tmp, 300s hard budget
- No writeCodeToDisk()
- Sanitizer validates every evidence field
- 03Step
Sanitized report persisted
Level, pillar scorecard, per-criterion findings with remediation. The scratch is discarded with the function lifecycle. The report is the only artifact that survives.
- JSON + Markdown + shareable URL
- 30-day default retention
- Structural observations only — never code
§ The 5 Levels
Five maturity levels, one measurable path.
CARL adapts the CMMI staged representation to agent readiness. L3 (Defined) is the recommended minimum for production workloads maintained with agent assistance.
LvlDefinitionStatus
L1 · InitialCode runs, but agents have no way to verify their own changes.
L2 · ManagedDocumented processes; basic automation supports bounded maintenance.
L3 · DefinedStandards enforced. Agents operate broadly with minimal supervision.
Recommended
L4 · MeasuredThe system measures itself. Agents make data-driven decisions.
L5 · OptimizingSelf-improving systems. Complex work decomposes into orchestrated execution.
§ The 8 Pillars
Eight capabilities, every one measurable.
Each pillar contributes criteria at every level. The shipped 26 criteria in @wentzel/carl-engine v0.1 are 100% deterministic — nothing here is theoretical.
IDPillarL1L2L3L4L5Σ
DOCDocumentation & KnowledgeREADMEs, ADRs, runbooks, and agent-context files that anchor work.122··5
CQVCode Quality & ValidationLinters, formatters, strict types, and hooks that catch drift locally.132··6
TSTTestingUnit, integration, and E2E coverage with thresholds enforced in CI.111··3
BLDBuild & EnvironmentReproducible builds, pinned runtimes, one-command local setup.22···4
OBSObservabilityStructured logs, tracing, and health endpoints for real debugging.·1···1
SECSecurity & Access ControlSecrets hygiene, audit, CODEOWNERS, SBOMs on release.22···4
TIRTask Intake & RoutingStructured templates, labels, triage conventions agents can use.·2···2
DLMDelivery & MeasurementCI gates, preview deploys, DORA signals, self-improving workflows.·1···1
ΣAll pillars71450026
§ Privacy architecture
Privacy engineered, not attested.
CARL is a code scanner — so we treat privacy as an engineering problem, not a marketing one. Every assessment runs in an isolated ephemeral container that self-destructs after writing a sanitized report. Source code never persists. There is no writeCodeToDisk() function in the worker.
When you assess a repository, code flows through four stages in under 60 seconds. Each stage is isolated, logged, and destroyed on completion. No stage writes to persistent storage. The sanitized report is the only artifact that survives.
Ephemeral
60-second maximum container lifetime. Scratch space is RAM-only. No persistent disk touches your code.
Isolated
Firecracker micro-VMs with outbound network restricted to GitHub and (optionally) your chosen LLM provider.
Sanitized
We retain scores, findings, and remediation text. We never retain source code, file contents, or secrets.
Self-hostable
For air-gapped or strict-compliance environments, run CARL as a Docker image on your own infrastructure.