PRE-V0 · REGISTRY LIVE · 16 PARTS ATTESTED

MIT · vendored · hash-pinned

Stop asking AI agents to rebuild your backend chassis.

Ctrl AI gives your coding agent verified standard parts for auth, billing, email, webhooks and jobs — vendored into your repo as readable source, locked by conformance tests, wired only through seams.

$npm i -D ctrlai

Paste into AGENTS.md See 16 shipped parts

attested parts

115

contract invariants

234+

tests / run

vendor adapters

agent edits in parts/

01 — What is a part

A part is finished, verified, and yours — your agent writes only the seam.

One contract. Swap the vendor in one commit — zero app-code change.

email.transactional is a finished, hash-pinned, read-only part with 6 verified invariants and 11 passing conformance tests per adapter. The agent writes only the seam (welcome-email.ts). Swap among 3 interchangeable attested vendors — resend, postmark, ses — in one commit with no app-code change.

email.transactionalv1.2.0 · MIT

ATTESTEDexpires Jun 29

send(message: EmailMessage): Promise<SendResult>

6invariantsunchanged

11/11conformance · per adapterunchanged

sha256:75c2ff…fc12cd · read-only

welcome-email.tsthe seam — the agent owns this · everything else is lockedacme · welcome flow →

ADAPTER · swappable

EMAIL_ADAPTER=resendswap = 1 commit · 0 app changes

02 — Vendor economics

Your agent can’t see your bill.
So it picks the vendor that runs it up.

It optimizes for getting it working this session — never next quarter’s invoice — so it reaches for whatever’s easiest to wire. Resend over SES. Clerk over self-hosted. The choices that get expensive at scale.

Clerk / managed Better Auth · your Postgres

Published pricing · mid-2026 · re-verify before quoting.

The code migration is one commit — the new adapter already passed the same conformance suite; provisioning (DNS, account) is still yours.

$ ctrlai upgrade email.transactional --adapter=ses
✔ email.transactional · adapter resend → ses
  same send(), zero seam changes — the contract didn't move

- EMAIL_ADAPTER=resend
+ EMAIL_ADAPTER=ses
  the SES adapter already passed the same conformance suite
  your app code never changes; you keep the ~10× at scale

Put your own numbers on it: model every vendor as you scale — with revenue, margin and AI costs — then generate the build prompt for the exact stack you pick. Code migration is one commit; provisioning (DNS, accounts) is still your ~15 minutes.

See your own number →or get notified when new parts ship:

03 — How it works

Resolve, own, verify — proof that expires, not a badge that lies.

RESOLVE

The agent asks, the registry plans

ctrlai plan returns a deterministic install order, env keys, and exactly which seams to write. One provider per capability — sprawl is a resolver error, not a judgment call.

OWN

Vendored, readable, hash-pinned

ctrlai add copies the part into your repo — every line yours (MIT), every byte pinned. A pre-commit hook and CI reject any edit inside parts/.

VERIFY

Recently — not once, long ago

Each attestation expires in 14 days; a public CI job re-runs every conformance test on a schedule. ctrlai verify checks it offline — integrity fails hard, staleness warns.

✋ parts/billing.subscription/src/index.ts is a part interior — read-only.
   Edits void the attestation and fail CI. Fix YOUR side of the seam, or ctrlai eject to take it private.

04 — See it work

Nothing here is mocked.

The real transcript: install from npm, vendor a part from the live registry, verify the attestation offline, hit the boundary, flip a vendor.

05 — The catalog

16 parts shipped, and growing.

Datasheets, not packages: real source vendored into your repo — like shadcn/ui, but for backend capabilities — each with a contract of testable invariants and a conformance record per adapter.

Stop asking AI agents to rebuild your backend chassis.

A part is finished, verified, and yours — your agent writes only the seam.

Your agent can’t see your bill.So it picks the vendor that runs it up.