AI Agent Security & Governance SDK
Deterministic governance, guardrails, cost tracking, and policy management for LLM applications. Open source. TypeScript + Python. Works with any provider.
Website · Documentation · Examples · Contributing
TealTiger is an open-source SDK that provides deterministic governance for AI agents. It enforces security policies, tracks costs, and produces structured evidence, all at runtime, with no infrastructure required.
Looking for the source code? This is the hub repo. The SDK source lives in the language-specific repos:
- TypeScript SDK: tealtiger-typescript-prod
- Python SDK: tealtiger-python-prod
Or clone this repo with submodules:
```bash
git clone --recurse-submodules https://github.com/agentguard-ai/tealtiger.git
```
Unlike probabilistic safety filters, TealTiger uses deterministic policy evaluation: same input + same policy = same decision, every time. Every governance verdict is reconstructable, traceable to the human who authored the policy, and exportable as structured evidence (SARIF, JUnit XML, JSON).
Key principle: Governance should be an engineering property embedded in the runtime, not a document reviewed after the fact.
```bash
npm install tealtiger
```
```typescript
import { TealOpenAI } from 'tealtiger';

const client = new TealOpenAI({
  apiKey: process.env.OPENAI_API_KEY,
  guardrails: {
    piiDetection: true,
    promptInjection: true,
    contentModeration: true,
  },
  budget: {
    maxCostPerRequest: 0.50,
    maxCostPerDay: 10.00,
  },
});

const response = await client.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Hello!' }],
});
// Guardrails enforced. Cost tracked. Evidence produced.
```
```bash
pip install tealtiger
```
```python
import os

from tealtiger import TealOpenAI

client = TealOpenAI(
    api_key=os.getenv("OPENAI_API_KEY"),
    guardrails={
        "pii_detection": True,
        "prompt_injection": True,
        "content_moderation": True,
    },
    budget={
        "max_cost_per_request": 0.50,
        "max_cost_per_day": 10.00,
    },
)

response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Hello!"}],
)
# Guardrails enforced. Cost tracked. Evidence produced.
```
Docker Sidecar (any language):
```bash
docker run -p 8080:8080 tealtigeradmin/tealtiger-typescript:1.2-governance

curl -X POST http://localhost:8080/evaluate \
  -H "Content-Type: application/json" \
  -d '{"action": "tool.execute", "tool_name": "web_search", "context": {"user_id": "user-123"}}'
```
- PII Detection: Detect and redact sensitive information automatically
- Prompt Injection Prevention: Block malicious prompt injection attempts
- Content Moderation: Filter toxic, harmful, or inappropriate content
- Secret Detection: 500+ patterns across 9 categories with confidence scoring
- Custom Rules: Define your own security policies
- Budget Enforcement: Hard limits per request, session, and day
- Cost Tracking: Real-time monitoring across all providers
- Cost Alerts: Notifications at configurable thresholds
- Circuit Breakers: Prevent runaway cost loops automatically
- OpenAI: GPT-4, GPT-4o, GPT-3.5
- Anthropic: Claude 3.5, Claude 3
- Google Gemini: Multimodal support
- AWS Bedrock: Claude, Titan, Jurassic, Command, Llama
- Azure OpenAI: Deployment-based routing
- Cohere: Chat, RAG, embeddings
- Mistral AI: European data residency
- Deterministic Policy Evaluation: No LLM in the governance path
- Structured Evidence: Every decision produces a reconstructable record
- Correlation IDs: End-to-end traceability across the decision chain
- Policy Traceability: Every verdict traces to the human policy author
- OWASP ASI Coverage: Addresses 8/10 OWASP Top 10 for Agentic Applications
- TealEngineV12: Parallel module evaluation with "most restrictive action wins" merge
- TealSecrets: Secret detection with 500+ patterns and confidence scoring
- TealRegistry: Model/tool allowlisting with provenance verification
- TealReliability: Retry budgets, circuit breakers, and fallback chains
- TealMemory: Memory governance across 5 scopes and 4 classifications
- GovernanceDashboard: Governance visibility UI
- BundleExporter: Evidence export in SARIF v2.1.0, JUnit XML, and JSON
- Docker Sidecar: Language-agnostic governance via HTTP (POST /evaluate)
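The "same input + same policy = same decision" property and the "most restrictive action wins" merge can be sketched as follows. This is an added example, not TealTiger's code: the `Verdict` fields, the action ranking, the reason codes and the author names are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import asdict, dataclass, replace

# Assumed ranking, least to most restrictive (illustrative, not TealTiger's own).
RANK = {"ALLOW": 0, "REDACT": 1, "REQUIRE_APPROVAL": 2, "DENY": 3}

@dataclass(frozen=True, order=True)
class Verdict:
    module: str         # governance module that produced the verdict
    action: str         # a key of RANK; anything else is treated as DENY
    reason_code: str    # named reason code carried into the evidence
    policy_author: str  # human who authored the policy that fired

def normalise(v):
    # Fail closed: an action the merger does not recognise becomes DENY.
    if v.action in RANK:
        return v
    return replace(v, action="DENY", reason_code="UNKNOWN_ACTION")

def merge(verdicts):
    # Most restrictive action wins; ties break on the verdict's fields, so the
    # order in which parallel modules finish cannot change the result.
    if not verdicts:
        return Verdict("engine", "DENY", "NO_VERDICTS", "n/a")  # deny by default
    return min(map(normalise, verdicts), key=lambda v: (-RANK[v.action], v))

def evidence(request, policy_version, verdicts):
    # The digest covers input, policy version and every verdict in canonical form.
    record = {
        "request": request,
        "policy_version": policy_version,
        "decision": asdict(merge(verdicts)),
        "verdicts": [asdict(v) for v in sorted(verdicts)],
    }
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    record["digest"] = hashlib.sha256(canonical.encode()).hexdigest()
    return record

# Constructed sample: three module verdicts for one tool call.
SAMPLE_REQUEST = {"action": "tool.execute", "tool_name": "web_search"}
SAMPLE_VERDICTS = [
    Verdict("registry", "ALLOW", "TOOL_ALLOWLISTED", "alice"),
    Verdict("secrets", "DENY", "SECRET_IN_ARGS", "bob"),
    Verdict("pii", "REDACT", "EMAIL_FOUND", "carol"),
]

if __name__ == "__main__":
    print(json.dumps(evidence(SAMPLE_REQUEST, "policy-v1", SAMPLE_VERDICTS), indent=2))
```

Re-running `evidence` on the stored request, policy version and verdicts reproduces the digest, which is what makes a recorded decision checkable after the fact.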
| Component | Source Code | Package | Install |
|---|---|---|---|
| TypeScript SDK | tealtiger-typescript-prod | npm | npm install tealtiger |
| Python SDK | tealtiger-python-prod | PyPI | pip install tealtiger |
| Helm Charts | helm-charts | Helm | helm repo add tealtiger https://agentguard-ai.github.io/helm-charts |
| GitHub Action | tealtiger-action | Marketplace | uses: agentguard-ai/tealtiger-action@v1 |
- Quick Start Guide
- Security Guardrails
- Cost Governance
- Provider Setup
- Contributing Guide
- Security Policy
- Code of Conduct
- Roadmap
TealTiger is open source and we're looking for early contributors to shape the future of AI agent governance.
| Area | Examples | Difficulty |
|---|---|---|
| Secret Detection | New detection patterns, custom categories | 🟢 Beginner |
| Documentation | Guides, examples, API docs, typo fixes | 🟢 Beginner |
| Tests | Unit tests, property-based tests, integration tests | 🟡 Intermediate |
| Integrations | LangChain, CrewAI, AutoGen, LlamaIndex middleware | 🟡 Intermediate |
| Memory Adapters | Redis, Pinecone, Weaviate, ChromaDB adapters | 🟡 Intermediate |
| CI/CD Templates | Jenkins, Azure Pipelines, Bitbucket Pipelines | 🟡 Intermediate |
| Core Modules | Governance engine, evidence export, policy evaluation | 🔴 Advanced |
- Named in CONTRIBUTORS.md and release notes
- "Founding Contributor" badge: first 25 merged PRs get permanent recognition
- Shoutout on TealTiger social channels (LinkedIn, X, Dev.to)
- Early access to upcoming governance features before public release
- Direct access to the core team via GitHub Discussions
- Co-authorship opportunity on technical blog posts
```bash
# 1. Star this repo (it helps!)
# 2. Fork and clone the SDK you want to contribute to:
# TypeScript SDK:
git clone https://github.com/agentguard-ai/tealtiger-typescript-prod.git
# Python SDK:
git clone https://github.com/agentguard-ai/tealtiger-python-prod.git
# 3. Pick a "good first issue"
# https://github.com/agentguard-ai/tealtiger/issues?q=label%3A%22good+first+issue%22
# 4. Submit a PR
# 5. Join the team
```
See CONTRIBUTING.md for detailed guidelines.
Current: v1.2.0 - Governance Bundle
- 7 governance modules across 6 dimensions
- Formal evidence contract with named reason codes
- Secret detection (500+ patterns, confidence scoring)
- Memory governance (5 scopes, 4 classifications)
- Reliability controls (retry budgets, circuit breakers, fallback chains)
- Model/tool registry with allowlisting and provenance verification
- Evidence export (SARIF v2.1.0, JUnit XML, JSON)
- Docker sidecar for language-agnostic governance
Next: v1.3.0 - Cloud Integrations & Ecosystem
- Cloud agent platform integrations (AWS AgentCore, Bedrock Agents, Azure AI Foundry, GCP Vertex AI)
- Framework integrations (LangChain, CrewAI, AutoGen, LlamaIndex, Strands)
- AI Risk Register
- Policy registry at registry.tealtiger.ai
- GitHub Discussions: Ask questions, share ideas
- Documentation: docs.tealtiger.ai
- Blog: blogs.tealtiger.ai
- Playground: playground.tealtiger.ai
- LinkedIn: TealTiger
- Dev.to: Blog
- Email: [email protected]
TealTiger is Apache 2.0 licensed.
Built with ❤️ by the TealTiger team and contributors.
⭐ Star this repo if you believe AI agents need governance, not just guardrails.