Developer-First AI Security & Cost Governance SDK
Secure your AI. Control your costs. Zero infrastructure.
Drop-in SDKs that add security guardrails, policy enforcement, and cost tracking to your AI applications. Works with OpenAI, Anthropic, and more.
π Read the introduction blog post to learn more about TealTiger!
TealTiger is an SDK-only AI security and governance platform that provides:
- π‘οΈ Policy Enforcement - ENFORCE / MONITOR / REPORT_ONLY modes for safe rollouts
- π Security Guardrails - PII detection, prompt injection prevention, content moderation
- π° Cost Tracking - Monitor and control AI spending across providers
- π Audit Logging - Redaction-by-default audit trails with correlation IDs
- π― Deterministic Decisions - Stable, typed Decision contract with reason codes
- β‘ Zero Infrastructure - No servers, no deployment complexity
TypeScript/JavaScript:
npm install tealtigerPython:
pip install tealtigerTypeScript:
import { TealEngine, PolicyMode } from 'tealtiger';
const engine = new TealEngine({
policies: {
tools: {
web_search: { allowed: true },
file_delete: { allowed: false }
}
},
mode: PolicyMode.ENFORCE
});
const decision = engine.evaluate({
action: 'tool.execute',
tool_name: 'web_search',
context: { user_id: 'user-123' }
});
console.log(decision.action); // 'allow' or 'deny'
console.log(decision.reason_code); // e.g., 'policy.tool.allowed'Python:
from tealtiger import TealEngine, PolicyMode
engine = TealEngine(
policies={
"tools": {
"web_search": {"allowed": True},
"file_delete": {"allowed": False}
}
},
mode=PolicyMode.ENFORCE
)
decision = engine.evaluate({
"action": "tool.execute",
"tool_name": "web_search",
"context": {"user_id": "user-123"}
})
print(decision.action) # 'allow' or 'deny'
print(decision.reason_code) # e.g., 'policy.tool.allowed'TealTiger provides separate repositories for each SDK with full documentation:
| SDK | Repository | Package | Documentation |
|---|---|---|---|
| TypeScript | tealtiger-typescript-prod | npm | Docs |
| Python | tealtiger-python-prod | PyPI | Docs |
Deploy policies safely with three modes:
- ENFORCE: Block violating actions in production
- MONITOR: Log violations without blocking (shadow mode)
- REPORT_ONLY: Collect data for policy tuning
- TealEngine - Policy evaluation engine with deterministic decisions
- TealGuard - Security guardrails (PII, prompt injection, content moderation)
- TealCircuit - Circuit breaker for cascading failure prevention
- TealAudit - Audit logging with redaction-by-default
- TealMonitor - Performance and cost monitoring
- Decision Contract - Stable, typed Decision object with action, reason codes, risk scores
- Execution Context - Correlation IDs and traceability across components
- Audit Redaction - Security-by-default with configurable redaction levels
- Policy Testing - CLI and library test runner for CI/CD integration
Current (v1.1.0):
- β OpenAI (GPT-4, GPT-3.5)
- β Anthropic (Claude)
Coming in v1.1.x:
- π Google Gemini
- π AWS Bedrock
- π Azure OpenAI
- π Cohere
- π Mistral AI
- Official Documentation - Complete guides and API reference
- Quickstart Guide - Get started in 5 minutes
- Core Concepts - Understand the decision model
- API Reference - TypeScript - TypeScript API docs
- API Reference - Python - Python API docs
- Migration Guide - Upgrade to v1.1.x
- FAQ - Frequently asked questions
TealTiger v1.1.0 provides comprehensive coverage for 7 out of 10 OWASP Top 10 for Agentic Applications (ASI01-ASI10) vulnerabilities through its SDK-only architecture.
| ASI | Vulnerability | Coverage |
|---|---|---|
| ASI01 | Goal Hijacking & Prompt Injection | π‘ Partial |
| ASI02 | Tool Misuse & Unauthorized Actions | π’ Full |
| ASI03 | Identity & Access Control Failures | π’ Full |
| ASI04 | Supply Chain Vulnerabilities | π§ Support |
| ASI05 | Unsafe Code Execution | π’ Full |
| ASI06 | Memory & Context Corruption | π’ Full |
| ASI07 | Inter-Agent Communication Security | β Platform |
| ASI08 | Cascading Failures & Resource Exhaustion | π’ Full |
| ASI09 | Harmful Content Generation | π§ Support |
| ASI10 | Rogue Agent Behavior | π’ Full |
Total Coverage: 7/10 ASIs (70%) with SDK alone
Learn more: OWASP ASI Mapping
- Enterprise AI Applications - Policy enforcement and compliance
- Customer Support Bots - Protect customer PII and sensitive data
- Healthcare AI - HIPAA compliance and audit trails
- Financial Services - Prevent data leakage and unauthorized actions
- E-commerce Agents - Secure payment information and transactions
- Education Platforms - Content safety and moderation
We welcome contributions! Please see our Contributing Guide for details.
TypeScript SDK:
git clone https://github.com/agentguard-ai/tealtiger-typescript-prod.git
cd tealtiger-typescript-prod
npm install
npm testPython SDK:
git clone https://github.com/agentguard-ai/tealtiger-python-prod.git
cd tealtiger-python-prod
pip install -e ".[dev]"
pytestApache 2.0 Β© TealTiger Team
TealTiger SDKs are open source and will always remain free. The future SaaS platform will be a commercial offering.
See LICENSE for details.
Security is our top priority. If you discover a security vulnerability, please see our Security Policy.
- Documentation: docs.tealtiger.ai
- GitHub Issues: Report bugs and request features
- Email: reachout@tealtiger.ai
- Blog: blogs.tealtiger.ai
- Website: tealtiger.ai
- Documentation: docs.tealtiger.ai
- Playground: playground.tealtiger.ai
- NPM Package: npmjs.com/package/tealtiger
- PyPI Package: pypi.org/project/tealtiger
- TypeScript SDK: github.com/agentguard-ai/tealtiger-typescript-prod
- Python SDK: github.com/agentguard-ai/tealtiger-python-prod
Made with β€οΈ for the AI community
β Star us on GitHub | π Read the Docs | π¦ Follow us on Twitter