Thanks to visit codestin.com
Credit goes to github.com

Skip to content

agentguard-ai/tealtiger

BranchesTags

Repository files navigation

TealTiger

TealTiger Logo

AI Agent Security & Governance SDK

Deterministic governance, guardrails, cost tracking, and policy management for LLM applications. Open source. TypeScript + Python. Works with any provider.

npm version PyPI version License: Apache 2.0 Discord GitHub stars

Website Β· Documentation Β· Examples Β· Discord Β· Contributing

What is TealTiger?

TealTiger is an open-source SDK that provides deterministic governance for AI agents. It enforces security policies, tracks costs, and produces structured evidence β€” all at runtime, with no infrastructure required.

Looking for the source code? This is the hub repo. The SDK source lives in the language-specific repos:

Or clone this repo with submodules: git clone --recurse-submodules https://github.com/agentguard-ai/tealtiger.git

Unlike probabilistic safety filters, TealTiger uses deterministic policy evaluation: same input + same policy = same decision, every time. Every governance verdict is reconstructable, traceable to the human who authored the policy, and exportable as structured evidence (SARIF, JUnit XML, JSON).

Key principle: Governance should be an engineering property embedded in the runtime β€” not a document reviewed after the fact.

πŸš€ Quick Start

TypeScript

npm install tealtiger
import { TealOpenAI } from 'tealtiger';

const client = new TealOpenAI({
  apiKey: process.env.OPENAI_API_KEY,
  guardrails: {
    piiDetection: true,
    promptInjection: true,
    contentModeration: true,
  },
  budget: {
    maxCostPerRequest: 0.50,
    maxCostPerDay: 10.00,
  },
});

const response = await client.chat.completions.create({
  model: 'gpt-4',
  messages: [{ role: 'user', content: 'Hello!' }],
});
// Guardrails enforced. Cost tracked. Evidence produced.

Python

pip install tealtiger
from tealtiger import TealOpenAI

client = TealOpenAI(
    api_key=os.getenv("OPENAI_API_KEY"),
    guardrails={
        "pii_detection": True,
        "prompt_injection": True,
        "content_moderation": True,
    },
    budget={
        "max_cost_per_request": 0.50,
        "max_cost_per_day": 10.00,
    },
)

response = client.chat.completions.create(
    model="gpt-4",
    messages=[{"role": "user", "content": "Hello!"}],
)
# Guardrails enforced. Cost tracked. Evidence produced.

✨ Features

πŸ›‘οΈ Security Guardrails

  • PII Detection β€” Detect and redact sensitive information automatically
  • Prompt Injection Prevention β€” Block malicious prompt injection attempts
  • Content Moderation β€” Filter toxic, harmful, or inappropriate content
  • Secret Detection β€” 500+ patterns across 9 categories with confidence scoring
  • Custom Rules β€” Define your own security policies

πŸ’° Cost Governance

  • Budget Enforcement β€” Hard limits per request, session, and day
  • Cost Tracking β€” Real-time monitoring across all providers
  • Cost Alerts β€” Notifications at configurable thresholds
  • Circuit Breakers β€” Prevent runaway cost loops automatically

πŸ”Œ 12 LLM Providers

  • OpenAI β€” GPT-4, GPT-4o, GPT-3.5
  • Anthropic β€” Claude 3.5, Claude 3
  • Google Gemini β€” Multimodal support
  • AWS Bedrock β€” Claude, Titan, Jurassic, Command, Llama
  • Azure OpenAI β€” Deployment-based routing
  • Cohere β€” Chat, RAG, embeddings
  • Mistral AI β€” European data residency
  • DeepSeek β€” Cost-efficient reasoning models
  • Groq β€” Ultra-low latency inference
  • Together AI β€” Open-source model hosting
  • HuggingFace TGI β€” Self-hosted inference
  • xAI (Grok) β€” Real-time knowledge

πŸ”Œ Platform Adapters

  • AWS Bedrock Agents β€” Native guardrail adapter
  • AWS AgentCore β€” Pre/post action governance plugin
  • Azure AI Agent Service β€” Tool-call pipeline middleware

πŸ—οΈ Governance Architecture

  • Deterministic Policy Evaluation β€” No LLM in the governance path
  • Structured Evidence β€” Every decision produces a reconstructable record
  • Cryptographic Proof β€” Merkle trees + RFC 3161 timestamping (TealProof)
  • Non-Human Identity (NHI) β€” Agent lifecycle, scope enforcement, Zero Standing Privilege
  • FREEZE Rules β€” Immutable emergency kill switches with tamper detection
  • Correlation IDs β€” End-to-end traceability across the decision chain
  • Policy Traceability β€” Every verdict traces to the human policy author
  • OWASP Agentic Top 10 β€” Zero-config policy pack covering all 10 ASI risks

πŸ—ΊοΈ Governance Coverage

Dimension What it does Module
πŸ›‘οΈ Security Secret detection (500+ patterns), prompt injection, PII, content moderation, Unicode normalization, encoded output detection TealSecrets TealGuard
πŸ”‘ Identity Non-Human Identity lifecycle, scope enforcement, Zero Standing Privilege, agent attestation TealEngine (NHI)
⚑ Reliability Circuit breakers, retry budgets, fallback chains, deterministic degradation TealCircuit TealReliability
🧠 Memory Write provenance, instruction injection detection, exfiltration prevention, scope enforcement TealMemory
πŸ’° Cost Governance-owned ceilings, anomaly detection, reasoning-token budgets, per-agent attribution TealMonitor
πŸ“‹ Evidence Cryptographic receipts (Merkle + RFC 3161), SARIF export, OTel spans, SIEM integration TealProof TealAudit
βš™οΈ Policy FREEZE rules, PLAN_ONLY mode, hot-swap bundles, anti-tamper, automation levels TealEngine
πŸ”„ Workflow Declarative YAML governance workflows, org-level inheritance, floor enforcement TealFlow
πŸ“Š Drift Behavioral drift detection, statistical baselines, model output regression TealDrift
⏱️ Temporal Session TTL, cooldown periods, time-of-day restrictions TealTemporal
πŸ” Registry MCP definition-drift monitoring, tool description scanning, adapter composition allowlist TealRegistry
🧠 Classification Local ONNX ML inference (≀20ms), ensemble modes, regex+ML combination TealClassifier

Design principle: No LLM in the governance path. Same input + same policy = same decision, every time.

πŸ“¦ SDKs

Language Source Code Package Install
TypeScript tealtiger-typescript-prod npm npm install tealtiger
Python tealtiger-python-prod PyPI pip install tealtiger

πŸ“š Documentation

TealEngine Policy Schema

Use schemas/tealtiger-policy.schema.json for editor autocomplete and validation when authoring TealEngine policy JSON or YAML files. JSON policy files can include:

{
  "$schema": "./schemas/tealtiger-policy.schema.json"
}

For YAML policies, configure your editor's YAML schema mapping to point policy files such as tealtiger-policy.yml at ./schemas/tealtiger-policy.schema.json.

🐯 Build With Us β€” Early Contributor Program

TealTiger is open source and we're looking for early contributors to shape the future of AI agent governance.

What You Can Work On

Area Examples Difficulty
πŸ” Secret Detection New detection patterns, custom categories 🟒 Beginner
πŸ“ Documentation Guides, examples, API docs, typo fixes 🟒 Beginner
πŸ§ͺ Tests Unit tests, property-based tests, integration tests 🟑 Intermediate
πŸ”Œ Integrations LangChain, CrewAI, AutoGen, LlamaIndex middleware 🟑 Intermediate
πŸ’Ύ Memory Adapters Redis, Pinecone, Weaviate, ChromaDB adapters 🟑 Intermediate
πŸ”„ CI/CD Templates Jenkins, Azure Pipelines, Bitbucket Pipelines 🟑 Intermediate
πŸ—οΈ Core Modules Governance engine, evidence export, policy evaluation πŸ”΄ Advanced

What Early Contributors Get

  • πŸ† Named in CONTRIBUTORS.md and release notes
  • πŸŽ–οΈ "Founding Contributor" badge β€” first 25 merged PRs get permanent recognition
  • πŸ“£ Shoutout on TealTiger social channels (LinkedIn, X, Dev.to)
  • πŸ”‘ Early access to upcoming governance features before public release
  • πŸ’¬ Direct access to the core team via GitHub Discussions
  • πŸ“ Co-authorship opportunity on technical blog posts

Get Started

# 1. Star this repo (it helps!)

# 2. Fork and clone the SDK you want to contribute to:
# TypeScript SDK:
git clone https://github.com/agentguard-ai/tealtiger-typescript-prod.git
# Python SDK:
git clone https://github.com/agentguard-ai/tealtiger-python-prod.git

# 3. Pick a "good first issue"
# https://github.com/agentguard-ai/tealtiger/issues?q=label%3A%22good+first+issue%22

# 4. Submit a PR
# 5. Join the team 🐯

See CONTRIBUTING.md for detailed guidelines.

πŸ—ΊοΈ Roadmap

Current: v1.3.0 β€” Autonomous Agent Governance (Released May 18, 2026)

  • TealEngine v1.3 with pre/post evaluation pipeline, FREEZE rules, automation levels
  • Non-Human Identity (NHI) governance with Zero Standing Privilege
  • TealProof β€” cryptographic governance receipts (Merkle + RFC 3161)
  • TealFlow β€” declarative YAML governance workflows
  • TealClassifier β€” local ONNX ML inference (≀20ms)
  • TealDrift, TealState, TealTemporal β€” behavioral, context, and session governance
  • TealMonitor v2 β€” governance-owned cost ceilings, anomaly detection
  • OWASP Agentic Top 10 policy pack (zero-config)
  • 12 LLM providers + 3 platform adapters (Bedrock, AgentCore, Azure)
  • Full Python SDK parity

Next: v1.4.0 β€” Zero-Config Adoption

  • observe() mode β€” 1-line integration, instant visibility
  • Progressive disclosure: observe β†’ suggest β†’ enforce
  • Auto-baseline behavioral detection
  • Framework adapters (LangChain, CrewAI, AutoGen, LlamaIndex)
  • Developer experience overhaul

🌟 Community

πŸ“„ License

TealTiger is Apache 2.0 licensed.

πŸ™ Acknowledgments

Built with ❀️ by the TealTiger team and contributors.

⭐ Star this repo if you believe AI agents need governance, not just guardrails.

Report Bug Β· Request Feature Β· Ask Question

About

Powerful protection for AI agents - Open-source security and cost tracking for AI applications

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

8 stars

Watchers

0 watching

Forks

9 forks
Report repository

Releases 3

TealTiger v1.3.0 β€” Autonomous Agent Governance Latest
May 18, 2026
+ 2 releases

Packages

 
 
 

Contributors

Languages