Back to vendors
Carson logo

Carson

Also known as: Carson AI, usecarson

Visit site
Enterprise operations agentprivateVerified 2026-07-08

Desktop AI agent that generates custom, task specific workspaces and runs natural language automations across email, Slack and calendar, with runtime level permission enforcement so it can only take the actions you allow.

Carson is a desktop AI agent built around two ideas: adaptive interfaces and serious security. Instead of trapping the agent in a chat bubble, Carson generates custom, task specific workspaces on demand, for example a unified pane that pulls together email, research and LinkedIn while drafting outreach, or a branded slide deck a user can edit through natural language. It connects to work tools such as email, calendar and Slack, carries out multi step knowledge work, and can create and run automations described in plain language, like sending prepared slides to Slack whenever a new intro meeting appears. Its defining feature is runtime level security: a user can tell Carson it may email certain addresses but must ask before others, and that boundary is enforced at the runtime so the agent literally cannot act outside its granted permissions, rather than relying on a model being told to make no mistakes. Positioned as more capable than a general knowledge work assistant and more secure than open ended computer use agents, Carson is designed to be installed inside a company. It was built by a Y Combinator team whose founders previously built secure deployment infrastructure for untrusted workloads and red teamed AI systems at Palantir, Robust Intelligence and Snowflake.

Vendor details

Canonical URL

https://usecarson.com/

Category

Enterprise operations agent

Funding status

Y Combinator (W26). Founding team from Harvard and Stanford with backgrounds at Palantir, Robust Intelligence, Snowflake and Bolto (YC S23). Specific round size not disclosed in retrieved sources.

Company status

private

Use cases & customers

Primary use cases

Adaptive task specific workspaces for knowledge workMeeting preparation and branded slide generationNatural language automations across Slack, email and calendarSecure AI assistant that can be installed at work

Target customers

Knowledge workers and revenue teamsCompanies wanting agents they can safely install at workSecurity conscious enterprises

Deployment options

Desktop applicationInstalled within the company

Integrations

Connects to core work tools including email, calendar and Slack, and pulls in research and LinkedIn context to assemble task specific workspaces. The agent takes actions in these tools such as sending email, posting to Slack and creating automations, all under runtime enforced permission boundaries that constrain exactly which actions and recipients are allowed.

Capability coverage

6.0 / 14 capabilities · 43%

Integrations & Tool CallingConnects to and takes actions in work tools including email, calendar and Slack, and pulls in research and LinkedIn context, for example drafting outreach in a unified pane and sending slides to Slack (usecarson.com; Carson YC W26 launch). Full
Workflow OrchestrationRuns multi step knowledge work across phases (research to email to meeting prep to slides) and can create and run automations described in natural language, such as sending prepared slides to Slack whenever a new intro meeting appears (Carson YC W26 launch). Full
Knowledge Grounding & RAGPerforms deep research and grounds generated emails and slides on the gathered research and context, but no dedicated knowledge base or retrieval augmented generation feature is documented in retrieved sources (Carson YC W26 launch; usecarson.com). Partial
Human Oversight & GuardrailsUsers set explicit permission boundaries such as allowing email to certain addresses but requiring approval for others, and these approvals are enforced at the runtime so the agent cannot act outside its granted permissions (Carson YC W26 launch). Full
Security, Identity & GovernanceSecurity is the core differentiator: runtime level least privilege permission enforcement means the agent literally cannot take unpermitted actions, rejecting broad access or handing an agent secret keys; built by founders who created secure deployment infrastructure for untrusted workloads at Palantir (Carson YC W26 launch; usecarson.com). Full
Observability & AuditabilityNo observability, run tracing or audit log features are described in retrieved sources, though the runtime permission model implies some enforcement logging (usecarson.com; Carson YC W26 launch). Unable to verify
Memory & State PersistenceNo memory or state persistence capability is documented for Carson in retrieved sources (usecarson.com; Carson YC W26 launch). Unable to verify
Deployment & Data ResidencyDelivered as a desktop application that can be installed inside a company, with the team offering hands on installation, but no explicit data residency or self hosted server options are documented (usecarson.com; Carson YC W26 launch). Partial
Prebuilt Agents / Templates / PacksCarson generates interfaces and workspaces on demand rather than offering a library of prebuilt agents, templates or packs; none are documented in retrieved sources (usecarson.com; Carson YC W26 launch). Unable to verify
Triggers & Channel CoverageSupports event triggered automations, for example acting whenever a new intro meeting appears, with delivery across channels such as Slack and email, though the breadth of triggers and channels is early (Carson YC W26 launch). Partial
Model Flexibility & RoutingNo model choice, routing or bring your own model capability is documented for Carson in retrieved sources (usecarson.com; Carson YC W26 launch). Unable to verify
APIs / SDKs / MCP ExtensibilityNo public API, SDK or MCP support for third party extensibility is documented for Carson in retrieved sources (usecarson.com; Carson YC W26 launch). Unable to verify
Testing, Debugging & OptimizationNo user facing testing, debugging or optimization tooling is documented; founder evaluation and red teaming backgrounds are company pedigree rather than a product feature (Carson YC W26 launch). Unable to verify
Browser / Computer-useCarson performs deep research to gather context for its outputs, which implies web access, but there is no explicit general browser or computer use control documented in retrieved sources (Carson YC W26 launch; usecarson.com). Partial

Recent platform changes

No recent material changes tracked yet.

Pricing

No public pricing; Carson is at early access and installed by the team on request.

Undisclosed; early access with hands on installation

Contact onlyMedium variable cost

Cost watchouts

Pricing and contract terms are undisclosed; as an installed enterprise agent there may be setup or per seat costs, none of which are published.

Variable cost rationale

No pricing model is disclosed, so variable cost exposure cannot be assessed; the product is at early access with hands on installation.

Sales call required

Yes — required for paid access

Free / trial

Early access by request after watching the demo; no public free tier

Lowest paid plan

None published; request early access

Key ambiguities

Carson is at early access with no published pricing, so the commercial model, packaging and price are entirely undisclosed.

Verified 2026-07-08

Contact us

Found a vendor we missed? Have feedback on the index? We'd love to hear from you.