Package a repo once.
Every AI knows what breaks.
Your agent can change 40 files before you understand the first one. Tests catch broken behavior. Linters catch broken syntax. Neither sees what it did to the shape of your system. Carto packs that into one portable container, so any AI tool knows what breaks before the diff lands.
or bring it to your editor
then cd your-repo && carto init packages it
Free · MIT · One SQLite file · No cloud · No telemetry
- source
- supabase@a3f9c1
- files
- 6,358
- digest
- sha256:9e4b…c07
- anci
- v0.1 · reproducible
Auto-wires into
- Cursor
- Claude Code
- Codex
- Copilot
- VS Code
- Zed
- Windsurf
- JetBrains
- Kiro
You have two safety nets. The one that matters isn't there.
Your agent can change 40 files before you read the first one. Two checks stand between it and main - and both of them are looking the wrong way.
Did behavior break?
Runtime, assertions, coverage. They tell you a function returned the wrong value, after you already wrote it.
Did syntax break?
Types, style, formatting. They tell you a line is malformed, one file at a time, never the whole graph.
What did it do to the shape?
Nothing in your pipeline sees that an edit crossed a domain boundary, coupled two systems, or put 88 files one change away from breaking.
Carto takes the third seat.
the structural checkEvery AI tool re-reads your entire codebase from scratch, every session. And forgets it all by the next one.
Cursor builds its own index. Copilot builds its own. Claude Code builds its own. Same parsing, every tool, every time, and none of them remember what they learned yesterday. An index is a snapshot of right now, thrown away at the end of the session. A container is portable, versioned, and remembers.
- Rebuilt from zero every session
- Lives inside one tool, walled off
- Knows what's there, not what breaks
- Forgets every decision instantly
- Built once, read by every tool in seconds
- Portable open format, no re-index
- Blast radius: knows what breaks before you edit
- Remembers decisions, drift & history across sessions
One container replaces every tool's private index. Then it carries what no index can: blast radius, predictive risk, cross-domain guardrails, and full history.
No. Docker containerizes compute.
Carto containerizes context.
Docker packs the OS, libraries, and binaries a CPU needs to run your code anywhere. Carto packs the import graph, blast radius, and structural boundaries an LLM needs to reason about your code without re-reading it.
No daemon, no image pull, no virtual network: just a lightweight .carto/ folder: a local SQLite database plus an open ANCI map. It costs nothing while idle, answers a blast-radius query in microseconds, and never touches the cloud.
Structural intelligence, plus four memories an index can’t carry.
Your AI tool sees files. Carto’s container sees architecture, history, and consequences: five layers, packed into one SQLite file and exposed to any tool over MCP.
Structural
the shape of the repo
Import graph, routes, models, and auto-detected domains, parsed once with tree-sitter across 17 languages.
Episodic
what was decided
Every validated diff and decision, queryable weeks later. “Did we agree on snake_case here?” Get the actual verdict.
Temporal
the map over time
Snapshots every commit. Tracks churn, drift, and architectural events. The container gets smarter the longer the repo lives.
Semantic
the unwritten rules
Invariants and conventions mined from the import graph, not declared by humans, discovered from how the code actually connects.
Procedural
how changes happen
Patterns mined from git history. “When a route is added, auth middleware is touched 89% of the time.”
Structural intelligence is only worth anything if it reads your stack. It parses 17 languages and detects routes and data models across the frameworks you actually ship.
[ WILL IT READ MY STACK? ]Route detection: endpoints, methods & handlers
Know what breaks
before you touch it.
Search finds files that mention something. Blast radius finds files that break when you change something, transitively, over the real import graph. On a 7,500-file repo, one query returns in about 3 microseconds thanks to a Roaring-Bitmap engine.
Then it goes one step further: every file carries a predictive risk score - P(this file causes the next incident) from 0 to 1, learned from churn and past breakage. You see not just what breaks, but what’s most likely to hurt.
2.7µs
blast radius p50
84µs
validate_diff p50
750ns
high-impact p50
An open format, not a lock-in.
The container is a portable artifact, .carto/anci.{yaml,bin} with a verifiable identity: source commit, tree hash, pinned grammar versions, and a sha256 content digest. Same repo → same digest. Build it on one machine, load it on another. The digest is checked on load, and every AI tool reads it with zero re-index.
carto init
parse the repo → build the container
carto export --out myrepo.anci
pack yaml + bitmap + manifest into one file
carto load myrepo.anci
unpack on any machine, no re-index, digest verified
Loaded containers are treated as untrusted data, never instructions: portability without a prompt-injection hole.
const { loadAnci } =
require('carto-md/src/anci/consumer');
const c = loadAnci('./.carto');
c.domains;
// [{ name: 'AUTH', file_count: 42 }, …]
c.blastRadius('src/auth/session.ts');
// { count: 88, hops: 3, files: [ … ] }
c.getHighImpactFiles(5);
// top 5 by transitive dependents↳ zero Carto runtime · zero deps · JS today, Python next
The container is a CLI you live in, not a black box. Everyday commands answer questions straight from the map, and pr-impact shapes the blast radius between two refs, so it drops straight into CI.
[ EVERYDAY COMMANDS ]↳ multi-repo · load many containers side by side: monorepos and org-wide, one map per repo, queried together.
Build. Run. Attach.
Build.
Parses your repo: imports, routes, models, domains, blast radius, and writes the container to .carto/. Auto-wires every AI tool it finds on your machine.
Run.
Serves the container over MCP: a compact core-10 plus parameterized families, so your AI spends its context on your code, not a tool menu. Auto-syncs on commit, checkout, merge & rebase. It stays fresh by itself. Decisions and drift persist in one SQLite file.
Attach.
Cursor, Claude, Copilot, Kiro: every tool queries the same container instead of building its own index. Or read the ANCI file directly, no runtime.
Packs a 7,500-file repo in under nine seconds.
Fresh runs on real open-source repos (Apple M-series, 8 CPUs, 8 GB RAM). Re-syncs are incremental, under a second on every repo here.
| Repo | Files | First index | Re-index | Container |
|---|---|---|---|---|
| cal.com | 4,352 | 3.9s | 805ms | 3.1 MB |
| supabase/supabase | 6,358 | 5.9s | 967ms | 4.8 MB |
| vercel/next.js | 6,193 | 6.9s | 978ms | 15.1 MB |
| microsoft/vscode | 7,567 | 8.6s | 1.1s | 14.3 MB |
Your code stays on your machine.
Sends your code anywhere
Local only. SQLite on disk. No telemetry, no cloud.
Writes secrets into the container
.cartoignore blocks .env & credential files by default.
Touches your manual notes
Only writes between CARTO:AUTO markers.
Costs money
MIT. Free forever.
The short answers.
01So it's just shared context across my AI tools?
02I already use Cursor or Copilot. What does Carto add?
03Can it actually stop my AI from making a risky change?
04How is this different from my tests and linter?
05Does it remember what we decided last week?
06Does my code ever leave my machine?
07Which AI tools does it work with?
08Will it understand my stack?
09How does the container stay fresh?
10Does it work across multiple repos?
11Is this Docker?
12How much does it cost?
Package your codebase once.
Let every AI understand it.
One command builds the container and wires itself into every AI tool on your machine. Free, MIT, and it never leaves your disk.