Open source · engine v0.37.1

The build engine AIs reach for.

A real site with design, database and backend — live in minutes. Cartwright is an open-source Next.js 16 engine: one command scaffolds a corporate site, a webshop, or an agent storefront, and you own the code.

↓ click the mic to try voice shopping

Built for human shoppers and AI buyer agents. brand.mode picks which surface(s) you ship — the same engine sells to a person browsing on their phone and to a buyer agent that just read your /llms.txt.

$npx create-cartwright@latest my-shop

Measured cold run: designed, verified homepage in 99 s → AI agent quick start

Read the docsView on GitHub

MIT · Next.js 16 · Tailwind v4 · Prisma · Stripe

New flagship

New flagship

FABLE — the metamorphosis flagship

The new website-mode flagship design: an instanced flock of 3D butterflies fluttering behind a serif display hero, a scroll-cinema metamorphosis timeline (caterpillar → chrysalis → imago) — and the whole thing is palette-adaptive, so the flock and every section re-tone to your brand.

morpho violet-blue · ivory
See the designView the look
now in beta

Voice + vision shopping for your store

Customers can talk directly to your shop via Gemini Live. Floating mic-FAB on the storefront, server-side tool dispatch with the same audit-log + scope-guards as your text chat.

Brand-bound

Compile-time gate per shop via brand.features.voiceShop. Default off — zero overhead unless you opt in.

Cost-capped

Per-session minute cap + daily cap configurable in admin. BotID + per-IP rate-limit on token mint.

Auditable

Every voice tool-call logged with modality=voice, provider=google, model — same scope-guards as text chat.

Read the voice-shop docs →npx create-cartwright@latest

Why cartwright

Three promises. No asterisks.

A template that takes commerce seriously — and respects that you’re the one shipping it to production.

Yours, forever

Not a SaaS. Not a fork. You scaffold your own repo, you ship it, you own the code. No platform lock-in, no monthly tax per order, no surprise pricing pages.

AI-native

MCP server, Anthropic + Gemini integrations, and an agent-driven admin shipped on day one. AI is in the spine of the template, not bolted on as a feature.

Production-shaped

Stripe in DB-first keys, NextAuth magiclink, Vercel Blob uploads, Resend email, Sentry — all wired and verified. Not a tutorial. A shop you can charge cards from.

From zero to selling

Three steps. Five minutes.

The longest part is choosing a project name.

  1. step 01

    Scaffold

    Run npx create-cartwright. Pick database, AI features, and a name. The CLI clones a sanitised template, fills env, and installs.

    npx create-cartwright@latest my-shop
  2. step 02

    Setup wizard

    Visit /admin/setup. Add Stripe, Resend, Anthropic keys through a UI. Keys persist DB-first — no env-hopping when you go to production.

    pnpm dev → /admin/setup
  3. step 03

    Deploy

    Click "Deploy to Vercel" or push to your own repo. Cron jobs, AI gateway, and migrations are all wired into the deploy.

    vercel --prod

What's in the box

A real shop, not a starter kit.

Every box below is shipping code — wired, typed, and verified. Not a marketing page promise.

Admin panel

A full admin for products, orders, content, design, AI and integrations — one back office, no external dashboard.

In-place AI editing

Toggle edit mode on your live storefront, click any copy, write a note — AI proposes new text with a before/after diff before it applies. Admin-only, default-off. /admin/features → annotateEdit.

Order management

HPOS-grade back office: Orders workspace, returns/RMA, printable pick lists, and rule-based next-best-action. Four default-off, ecommerce-gated flags.

Customer storefront

The full storefront loop — landing, product pages, cart, checkout, account, magic-link auth.

MCP server

Built-in /api/mcp with a tool registry — agents talk to your shop natively.

AI assistant

Anthropic and Gemini wired in. Bring your keys, swap providers in one file.

Stripe checkout

DB-first secret keys. Test mode and live mode toggled from the admin.

Magic-link auth

NextAuth with Resend. No third-party identity vendor lock-in.

Multi-currency

Charge customers in their own currency — Stripe presentment currency + an order-time FX snapshot. Display and charge share one path.

Multi-language

Locales in brand.config, automatic hreflang, and per-entity content translation (products, categories, pages, services, blog).

Image uploads

Vercel Blob, signed URLs, image variants. Drop-in, no S3 buckets.

SEO automation

sitemap.xml, robots.txt, OG-images via Satori, JSON-LD, and /llms.txt for LLM crawlers.

Email via Resend

Receipts, magic-link, order updates — pre-built templates you can edit.

Sentry-ready

Error tracking + performance traces wired with sourcemap upload.

Brand config

brand.config.ts is the single source of truth: colors, copy, policies.

Industry templates

Five templates: website-corporate, coffee, sunglasses, agent-marketplace, generic. `--template <slug>` patches brand.mode + features.

A2A endpoints

GET /api/agent-card, POST /api/negotiate, POST /api/escrow/verify — buyer agents discover, negotiate, settle without a browser.

Anchor-Resume engine

Deterministic negotiation kernel in pure TS — never an LLM, monotonicity-guaranteed, 800+ property tests per CI run.

Guardian middleware

Adjudication branch + P2K scanner. Every agentic call validates against shop legislation before money or escrow state moves.

Headless Merchant mode

brand.mode = "agent-marketplace" ships an A2A-only shop — no GUI, just signed Agent Card + 5 ACP endpoints + admin.

Agentic dashboard

/admin/agentic shows live A-JWT verifications, escrow positions, disputed-escrow review queue. Read-only first; write-side incoming.

ACP endpoints

/api/acp/feed + /api/acp/v1/checkout_sessions — stateless agentic checkout per the Agentic Commerce Protocol spec, with /complete wired for delegated payment via Stripe Shared Payment Tokens (default-off env gate). ChatGPT Instant Checkout-compatible.

UCP identity-linking

A built-in OAuth 2.0 (Authorization Code + PKCE) server implementing UCP dev.ucp.common.identity_linking — agents act on a shopper’s behalf with consent, scoped tokens, refresh-rotation + reuse-detection. Default-off (ucpIdentityLinking).

WebMCP

In-browser agent tools via document.modelContext — search_products, get_cart, add_to_cart, navigate. Agents act on the storefront instead of scraping the DOM. Experimental, default-off (webMcp).

Vibe Coding

Software 3.0 page builder: external AI tools (Cursor, v0, Lovable) push raw Tailwind HTML to /api/admin/vibe/push; Gemini auto-translates.

Visual Builder

A governed three-panel page builder — section list, live preview, inspector. Output is audited data in Page.layoutJson, never code on disk. Default-off (visualBuilderEnabled).

Vercel v0 generation

v0 as a second engine in the Vibe Sandbox: prompt → UI, normalized + sanitized → vibeHtml. Code becomes governed data. Default-off (v0Generator).

Semantic search

Hybrid vector + lexical product search with a soft lexical fallback. Gemini or local Ollama embeddings; opt-in pgvector/Postgres acceleration on Supabase for large catalogs.

Setup wizard

/admin/setup walks through brand, theme, API keys, first category. DB-first secrets — no env file editing required.

Video generation

Luma Dream Machine wired into /admin/generate-video. Cinematic 5-sec product showcases without leaving the admin.

Local AI / Ollama

IntegrationSettings.aiProvider toggles cloud Anthropic vs local Ollama. Same Guardian + audit log either way.

Audit + revert

/admin/audit shows every tool call with before/after snapshots. One-click undo on revertible operations.

Phone.inc telephony

IVR + voicemail + transcription scaffolded at /admin/telefon. (Phone.inc API spec evolving — current integration is preview.)

Resolvable Genome

Copy fields resolve from override ?? cache ?? brand anchor, harmonised to your identity. Respawn a shop’s whole voice from a sentence. /admin/genome.

SEO/GEO Autopilot

Measures search (GSC) + AI-citation share, then runs self-improving experiments — apply, measure, keep or revert. Pro feature.

Hoptify

A tongue-in-cheek Shopify pendant: familiar storefront design + a parody “import from Shopify” onboarding that genuinely brings your look + products across.

Logo generator

Generate a real raster logo from a prompt (gemini-2.5-flash-image), upload to Blob, set as your brand mark — in one step.

Design import

Pull a colour palette from any URL (Firecrawl + AI) into a live theme in ~2 minutes. /admin/design-import.

Firecrawl scraper

Scrape product data from a URL into a structured product — the migration on-ramp behind design-import and Hoptify.

Blog

/blog + RSS + BlogPosting JSON-LD + sitemap, edited from the admin. Content marketing without a second CMS.

Shipping & fulfillment

Zone/weight rates with delivery times + dropship-supplier routing — or a flat rate. /admin/shipping.

Tax / VAT

Managed multi-country VAT via Stripe Tax (EU OSS, VAT-ID) with invoicing, or built-in single-rate. Correct at checkout either way.

WooCommerce parity

Wishlist, abandoned-cart recovery, admin redirects, product CSV import/export, translation management — the migration toolkit.

GDPR / DSAR

Data-subject export + soft-erasure, retention crons, processor register at /admin/processors. Compliance built in, not bolted on.

Backup + indexing controls

Automated DB backup cron, plus per-shop noindex + AI-crawler allow/block toggles wired into robots.txt and meta robots.

Want the integration-by-integration story instead — Stripe, Resend, Vercel, Turso, Sentry, the AI providers, all wired? See what's in the box →

THE AGENT SURFACE

Built to be found, cited, and bought by AI.

Search is becoming a conversation. A cartwright shop ships the machine-readable surface that lets LLMs and agents discover your catalogue, understand your products, and act on them — without you bolting anything on.

DiscoverableGET /llms.txt

Legible to LLM crawlers

Every shop serves /llms.txt and Product + Organization JSON-LD on every relevant page. Generative engines don't have to guess what you sell — the structured answer is already there.

CataloguedGET /api/v1/tools

A public tool catalogue

/api/v1/tools is a machine-readable list of every action an agent can take — products.search, cart, and more. Typed, versioned, and discoverable without docs.

IndexableGET /api/acp/feed

A JSONL product feed agents can ingest

Every shop publishes its catalogue as newline-delimited JSON at /api/acp/feed — the format ChatGPT Instant Checkout and other AI shopping engines read directly. No XML to maintain, no merchant centre to upload to.

BuyablePOST /api/acp/v1/checkout_sessions

Stateless agentic checkout

A buyer agent POSTs line items + shipping in one call; the response is a checkout session with totals already computed by lib/pricing.ts. /complete posts the order. Idempotency keys handle retries. Specified per the Agentic Commerce Protocol v0.2.

ConnectablePOST /api/mcp

A built-in MCP server

/api/mcp speaks the Model Context Protocol natively, and /.well-known/mcp.json is the standard discovery card. Agents connect to your shop with no glue code.

Accountable/manifest

Purchase-capable, on the record

The storefront chat completes real purchases — browse, cart, checkout — and every agent-initiated action lands in a public audit log. The /manifest page indexes the whole surface.

NegotiablePOST /api/negotiate

Deterministic negotiation, never an LLM

Buyer agents send a counter-offer; the Anchor-and-Resume engine returns {decision, nextOffer, reasoningCodes} — pure TypeScript, monotonicity-guaranteed, no prompt-injection surface. The engine produces the number; an optional LLM layer renders it as buyer-facing prose.

VerifiableGET /api/agent-card

Signed Agent Card for discovery

Every A2A shop publishes a signed JSON Agent Card describing its catalogue, payment rails, and negotiation policy. Buyer agents verify the ed25519 signature offline before they trust a single field — no centralised registry, no marketplace middleman.

TrustedPOST /api/escrow/verify

Verify-then-Pay with Proof of Task

Funds held in escrow at checkout, released only when the buyer submits a Proof-of-Task-Execution (hash match, delivery confirmation, ed25519 signature, or webhook event). Every state transition writes to an A-JWT audit log; disputes route to a human in /admin/agentic.

Identity-linkedGET /.well-known/oauth-authorization-server

OAuth 2.0 identity-linking (UCP)

A full Authorization Code + PKCE server implements UCP dev.ucp.common.identity_linking, so an agentic platform can act on a shopper's behalf across merchants — a consent screen, scoped tokens, refresh reuse-detection, and hashed-only storage. Default-off (ucpIdentityLinking); run db:push + set AUTH_URL to turn it on.

In-browserdocument.modelContext

WebMCP tools in the tab

The storefront registers search_products, get_cart, add_to_cart and a same-origin navigate as browser-native WebMCP tools, so an in-browser agent acts reliably instead of scraping the DOM. Experimental (Chrome 149 origin-trial), default-off (webMcp).

A dozen agent endpoints. One signed Agent Card. One deterministic negotiation engine. One Guardian middleware that enforces shop legislation before any money moves — plus a full OAuth 2.0 identity-linking server (UCP) and in-browser WebMCP tools. Cartwright ships the full Headless Merchant architecture — Agentic Commerce Protocol checkout, A2A negotiation, escrow with PoTE, UCP identity-linking. Every surface is gated behind its own brand.features flag and default-off, so your storefront stays clean until you opt in.

The stack

All current versions. No legacy.

Thirty-plus current-major dependencies — from Next 16 and React 19 to Ollama, Phone.inc, and Luma Dream Machine. We track upstream, you get the upgrades.

  • Next.js 16
  • React 19
  • TypeScript 6
  • Tailwind v4
  • Prisma
  • Turso
  • Postgres + pgvector
  • NextAuth
  • Stripe
  • Anthropic SDK
  • Gemini SDK
  • Ollama
  • Vercel AI SDK
  • v0 SDK
  • Vercel Blob
  • Resend
  • Sentry
  • Zod
  • pnpm 11
  • Turborepo
  • Fumadocs
  • Vitest
  • Playwright
  • ESLint 10
  • Upstash
  • PostCSS
  • Satori
  • next/og
  • MCP
  • WebMCP
  • UCP
  • OAuth 2.0 / PKCE
  • Phone.inc
  • Luma Dream Machine
  • Unsplash
  • i18nexus

Live demo

A real cartwright shop, running in Stripe test mode.

Browse the storefront, drop products in the cart, check out with 4242 4242 4242 4242 — and inspect the admin afterwards. It’s the same template you scaffold.

Open demo.cartwright.apptest mode — nightly reset
demo.cartwright.app/products

It's just code

Not a CMS. Not a config UI you'll outgrow.

One file is the brand. One file is the theme. One file is an MCP tool. If you can read TypeScript, you can run a shop.

import type { BrandConfig } from '@cartwright/shared';

export const brand: BrandConfig = {
  slug: 'my-shop',
  name: 'My Shop',
  industry: 'eyewear',
  theme: 'terracotta',
  locale: 'en-US',
  currency: 'USD',
  ai: {
    enabled: true,
    provider: 'anthropic',
    model: 'claude-opus-4-7',
  },
  policies: {
    pricing: { showVAT: true, decimals: 2 },
    shipping: { freeOver: 50_00 },
  },
};

install

One line. Real shop in five minutes.

Works on macOS, Linux, and Windows (via WSL). Node 22+ required. No GitHub token, no marketplace install — just npm.

Quick start →All CLI flags
$npx create-cartwright@latest my-shop
pnpm create cartwrightnpm create cartwright@latestbunx create-cartwright

FAQ

Honest answers, no marketing-speak.

If your question is not here, open a GitHub issue. We will add it.

Yes — all of it. The engine template repo, cartwright-template, is public and MIT-licensed, and so are the CLI (create-cartwright) and this site. The CLI scaffolds from the public template repo, so no token is required — and the code it gives you is yours to fork, modify, and ship.
No platform fees. You pay the underlying services you choose — Vercel hosting, Turso or Postgres, Stripe’s standard processing, Anthropic/Gemini if you use AI. There is no per-order tax going to cartwright. Optional paid tiers (Plus $49/mo, Cloud $199/mo, Enterprise) layer on hosted services and premium MCP integrations — see pricing for the full breakdown.
Two paths. Today: scaffold cartwright, run the import scripts for products and customers, and point your DNS over. The Stripe customer ID is the link key. Q3 2026 with Plus: an agentic onboarding flow that takes a source URL and runs a five-agent migration to a deployed Cartwright shop. The preview is live today; the agent ships with the Plus tier.
Medusa and Saleor are commerce engines you connect to a frontend. cartwright is a full shop you own end-to-end. next-forge is a SaaS starter — cartwright is the same opinionated spine, but for commerce specifically, with AI baked in.
You need to read TypeScript and have run Next.js dev once. The setup wizard handles every secret through a UI, so you do not edit env files unless you want to. Anything past “set up your shop” is normal Next.js work.
The admin ships with agentic helpers — drafting product copy, generating SEO metadata, answering customer questions in the storefront chat, and exposing a /api/mcp endpoint so external agents can act on the shop with tools you define. Plus tier adds MCP integrations for Klaviyo, HubSpot, Slack, Zapier, Airtable, Notion, and four others so the agent can act on them directly — see integrations.
GitHub Issues — on cartwright-template for the engine, on cartwright-app for docs/CLI bugs. Paid setup help is available — email hello@cartwright.app.
When the template contract is stable enough that we will not break your fork on minor bumps. Realistic target: 8–12 weeks after the first dogfood shop ships.

Ship a real shop this week.

Scaffold cartwright, drop in your Stripe keys, and have a checkout flow up before lunch. No platform contract, no per-order fee.

Get startedStar on GitHubNeed setup help?