Skip to main content

Frequently Asked Questions

General Questions

What is TealTiger?

TealTiger is an AI agent security platform that provides guardrails, cost tracking, and policy management for LLM applications. It’s an SDK-only solution that requires no infrastructure - you integrate it directly into your application code.

How is TealTiger different from other AI security tools?

TealTiger focuses on three key differentiators:
  • SDK-only architecture: No servers, no infrastructure, no deployment complexity
  • Developer-first approach: Policy-as-code, CI/CD integration, deterministic decisions
  • Enterprise-ready features: Policy rollout modes, audit redaction, correlation IDs, policy testing
See TealTiger vs Guardrails vs Protect AI for detailed comparison.

Is TealTiger open source?

Yes! TealTiger SDKs (TypeScript and Python) are open source under the Apache 2.0 license and will remain open source. The future SaaS platform (v1.2.x+) will be a commercial offering, but the SDKs will always be free and open source.

What languages/frameworks does TealTiger support?

  • Languages: TypeScript/JavaScript (Node.js), Python
  • Frameworks: LangChain, CrewAI, OpenClaw, MCP (Model Context Protocol)
  • Observability: OpenTelemetry, LangFuse, LangSmith, Helicone

Licensing & Pricing

Is TealTiger free to use?

Yes, the v1.1.0 SDK is free and open source. There are no usage limits, no API keys required, and no telemetry sent to TealTiger servers.

Will there be a paid version?

Yes, we plan to offer a SaaS platform (v1.2.x+) with additional features like:
  • Centralized policy management
  • Multi-tenant governance
  • Advanced analytics and dashboards
  • Enterprise support
The SDKs will always remain free and open source.

Do I need to pay for API calls?

No. TealTiger runs entirely in your application - there are no API calls to TealTiger servers. You only pay for your LLM provider costs (OpenAI, Anthropic, etc.).

Technical Questions

Does TealTiger add latency to my application?

TealTiger policy evaluation is designed to be fast:
  • Target: under 10ms per evaluation (p95)
  • Typical: 2-5ms for simple policies
  • Impact: Minimal compared to LLM API calls (100-1000ms+)
See Performance Tuning for optimization tips.

Can I use TealTiger in production?

Yes! TealTiger v1.1.0 is production-ready with:
  • Deterministic decision contract
  • Security-by-default audit redaction
  • Policy rollout modes (MONITOR before ENFORCE)
  • Comprehensive test coverage (80%+)

Does TealTiger work with streaming responses?

Yes, TealTiger can evaluate policies before streaming begins. For content moderation during streaming, you can evaluate chunks as they arrive. 
// Evaluate before streaming
const decision = engine.evaluate({
  action: "llm.stream",
  context
});

if (decision.action === DecisionAction.ALLOW) {
  // Start streaming
  for await (const chunk of stream) {
    // Optional: evaluate each chunk
    yield chunk;
  }
}

Can I use TealTiger with multiple LLM providers?

Yes! TealTiger is provider-agnostic. It works with:
  • OpenAI (GPT-4, GPT-3.5)
  • Anthropic (Claude)
  • Google Gemini - coming in v1.1.x
  • AWS Bedrock - coming in v1.1.x
  • Azure OpenAI - coming in v1.1.x
  • Cohere - coming in v1.1.x
  • Mistral AI - coming in v1.1.x
  • Azure OpenAI - coming in v1.1.x

Does TealTiger support multi-tenancy?

Yes, use the tenant_id field in ExecutionContext: 
const context = ContextManager.createContext({
  tenant_id: "customer-123",
  app: "my-app"
});
You can then filter audit logs and apply tenant-specific policies.

Policy Questions

How do I write policies?

Policies are defined as JSON/JavaScript objects: 
const policies = {
  tools: {
    dangerous_tool: { allowed: false },
    safe_tool: { allowed: true }
  },
  budget: {
    max_cost_per_request: 1.0
  }
};
See Policy Authoring Guide for details.

Can I test policies before deploying?

Yes! Use the Policy Test Harness: 
import { PolicyTester } from "tealtiger/testing";

const tester = new PolicyTester({
  engine,
  corpusPath: "./test-corpus.json"
});

const results = await tester.runTests();
See Policy Testing for details.

What are policy modes?

Policy modes control how policies are enforced:
  • ENFORCE: Block requests that violate policy (production)
  • MONITOR: Allow requests but log violations (testing)
  • REPORT_ONLY: Log decisions without evaluation (audit only)
See Policy Modes for details.

Can I gradually roll out policies?

Yes! Use per-policy mode overrides: 
const engine = new TealEngine({
  policies,
  mode: {
    defaultMode: PolicyMode.MONITOR,        // Safe default
    policyModes: {
      "tools.critical": PolicyMode.ENFORCE  // Enforce critical only
    }
  }
});
This is the recommended approach for production rollouts.

Security Questions

Does TealTiger log sensitive data?

No, by default TealTiger uses security-by-default redaction:
  • Prompts and responses are hashed (not stored in plaintext)
  • PII is automatically detected and redacted
  • Debug mode is disabled by default
See Audit & Redaction for details.

Can I customize redaction behavior?

Yes, configure redaction levels per field: 
const audit = new TealAudit({
  config: {
    input_redaction: RedactionLevel.HASH,    // Hash inputs
    output_redaction: RedactionLevel.REMOVE, // Remove outputs entirely
    detect_pii: true                         // Auto-detect PII
  }
});

Is TealTiger HIPAA/SOC2/GDPR compliant?

TealTiger provides the building blocks for compliance:
  • Audit logging with redaction
  • PII detection and removal
  • Deterministic decision records
  • Correlation IDs for traceability
However, compliance is a shared responsibility. You must:
  • Configure appropriate redaction levels
  • Store audit logs securely
  • Implement access controls
  • Follow your organization’s compliance requirements

Does TealTiger send data to external servers?

No. TealTiger v1.1.0 is SDK-only and runs entirely in your application. No data is sent to TealTiger servers.

Integration Questions

How do I integrate with LangChain?

Use the TealTiger LangChain integration: 
import { TealTigerToolWrapper } from "tealtiger/integrations/langchain";

const wrappedTool = new TealTigerToolWrapper({
  tool: myLangChainTool,
  engine,
  audit
});
See LangChain Integration for details.

How do I integrate with OpenTelemetry?

Pass OpenTelemetry trace IDs to TealTiger: 
import { trace } from "@opentelemetry/api";

const span = trace.getActiveSpan();
const traceId = span?.spanContext().traceId;

const context = ContextManager.createContext({
  tenant_id: "acme",
  trace_id: traceId
});
See OpenTelemetry Integration for details.

Can I use TealTiger with serverless functions?

Yes! TealTiger works great with serverless:
  • No persistent connections required
  • Fast cold start (under 50ms overhead)
  • Stateless design
Just ensure audit logs are written to a persistent destination (S3, CloudWatch, etc.).

Troubleshooting Questions

Why are my policies not being enforced?

Common causes:
  • Policy mode is MONITOR or REPORT_ONLY (not ENFORCE)
  • Policy path doesn’t match your request structure
  • Default mode is too permissive
See Troubleshooting Guide for solutions.

Why are correlation IDs different across operations?

You’re likely creating a new ExecutionContext for each operation. Create the context once per request and pass it to all operations: 
const context = ContextManager.createContext({ tenant_id: "acme" });

const decision1 = engine.evaluate({ ...request1, context });
const decision2 = engine.evaluate({ ...request2, context });
// Same correlation_id

Why is my audit log empty?

Common causes:
  • No outputs configured in TealAudit
  • File permissions issue
  • Events buffered but not flushed
See Troubleshooting Guide for solutions.

Migration Questions

How do I migrate from v1.0.x to v1.1.0?

See the Migration Guide for step-by-step instructions. Key changes:
  • New Decision contract (deterministic fields)
  • ExecutionContext with correlation IDs
  • Policy modes (ENFORCE/MONITOR/REPORT_ONLY)
  • Audit schema v1.0.0

Is v1.1.0 backwards compatible with v1.0.x?

No, v1.1.0 introduces breaking changes:
  • Decision object structure changed
  • Policy configuration format updated
  • Audit event schema versioned
Follow the migration guide to upgrade safely.

Can I run v1.0.x and v1.1.0 side-by-side?

Yes, you can run both versions in different parts of your application during migration. Use different import paths: 
import { TealEngine as TealEngineV1 } from "tealtiger-v1";
import { TealEngine as TealEngineV2 } from "tealtiger";

Roadmap Questions

What’s coming in v1.2.x?

Planned features for v1.2.x:
  • SaaS platform with centralized policy management
  • Multi-provider support (Gemini, Bedrock, Azure OpenAI)
  • Advanced analytics and dashboards
  • Enterprise governance features
See v1.2.x Evolution for details.

When will multi-provider support be available?

Multi-provider support (Gemini, Bedrock, Azure OpenAI, Cohere, Mistral) is planned for Q2-Q3 2026 as part of v1.1.x releases.

Can I request a feature?

Yes! We welcome feature requests:
  • Check GitHub Issues for existing requests
  • Open a new issue with the “feature request” label
  • Describe your use case and the problem you’re trying to solve

Support Questions

Where can I get help?

How do I report a bug?

  • Check GitHub Issues for existing reports
  • Open a new issue with:
    • TealTiger version
    • Language/framework (TypeScript/Python)
    • Minimal reproduction code
    • Expected vs actual behavior
    • Error messages/logs

How do I contribute?

We welcome contributions! See CONTRIBUTING.md for guidelines. Common contributions:
  • Bug fixes
  • Documentation improvements
  • Example applications
  • Integration guides
  • Test coverage

Still Have Questions?

If your question isn’t answered here: