Security-first authority and delegation system for AI agents

---

Overview

Caracal is an authority plane for operating AI agents safely in real environments. It solves a concrete platform problem: agents need access to tools, APIs, and providers, but platform teams need that access to be scoped, short-lived, revocable, and auditable without placing provider secrets inside agent code.

The default product path is intentionally small: register an agent app, run an agent run, request a short-lived mandate, call a resource through the Gateway, and inspect the resulting audit trail. The STS evaluates policy and issues Caracal access tokens, the Gateway enforces token validity and provider routing, the Coordinator tracks runtime and delegation state, and Audit records why access was allowed or denied and what happened upstream.

---

Community

GitHub's Open Source Friday

More coming soon

---

Installation & Setup

End Users

Prerequisites

• Docker Desktop 4.x or Docker Engine 24+ with Compose v2
• Git 2.x

Install

The installer provides the thin caracal runtime shell and the caracal-console management interface.

Current RC: pin v2026.05.27-rc.1 until it is promoted to stable. Unpinned installs follow GitHub's latest stable release.
Pin a version: --version vYYYY.MM.DD on Unix or -Version vYYYY.MM.DD in PowerShell.
Change install directory: --install-dir /path on Unix or -InstallDir C:\path in PowerShell.

Linux (amd64 / arm64)

# Console
curl -fsSL https://raw.githubusercontent.com/Garudex-Labs/caracal/main/install-console.sh | \
  sh -s -- --version v2026.05.27-rc.1 --require-provenance

Installs to ~/.local/bin. Override with --install-dir /usr/local/bin (may need sudo).

macOS (Intel / Apple Silicon)

# Console
curl -fsSL https://raw.githubusercontent.com/Garudex-Labs/caracal/main/install-console.sh | \
  sh -s -- --version v2026.05.27-rc.1 --require-provenance

If Gatekeeper blocks the binary: xattr -d com.apple.quarantine ~/.local/bin/caracal.

Windows (amd64) PowerShell

# Console
$installer = "$env:TEMP\install-console.ps1"
iwr -useb https://raw.githubusercontent.com/Garudex-Labs/caracal/main/install-console.ps1 -OutFile $installer
powershell -ExecutionPolicy Bypass -File $installer -Version v2026.05.27-rc.1 -RequireProvenance

Installs to %LOCALAPPDATA%\Programs\caracal. Requires Docker Desktop with WSL2.

Start the stack

caracal up                            # start all services, override with `CARACAL_VERSION=vYYYY.MM.DD caracal up`
caracal status [--ready]              # probe all services
caracal down                          # stop; add -v to remove volumes
caracal purge                         # interactive cleanup (containers, volumes, config, runtime, caches)
caracal console                       # Launch Interface
caracal run -- node worker.js         # workload execution

Contributors

Prerequisites

• Node.js 24+
• pnpm 10+
• Docker Engine 24+ with Compose v2 (or Docker Desktop 4.x)
• Git 2.x
• Go 1.26+ (only when changing Go services or shared Go packages)
• Python 3.14+ (only when changing Python packages)
• Bun (only when building distributable runtime/console binaries)

See CONTRIBUTING.md for clone, setup, testing, and pull request workflow.

---

Maintainers

RAWx18

yashgo0018

Slo-Pix

---

Contributing

See CONTRIBUTING.md for setup, workflow, tests, and pull request standards.

---

Programs

This project is part of the LFX Mentorship 2026 program under the LF Decentralized Trust organization, improving security and open source awareness.

---

License

Caracal is open-source software licensed under the Apache-2.0 License. See the LICENSE file for details.

Developed by Garudex Labs.