Deterministic governance component for Haystack pipelines — policy enforcement, PII detection, cost tracking, and structured audit evidence. No LLM in the governance path.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Team-AgentGuard from gravatar.com Team-AgentGuard

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: TealTiger Team
  • Tags ai-agents , audit , component , deterministic , governance , guardrails , haystack , llm , pii , policy , security , tealtiger
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

tealtiger-haystack

Deterministic governance component for Haystack pipelines — policy enforcement, PII detection, cost tracking, and structured audit evidence.

No LLM in the governance path. All policy evaluation is deterministic, adding <2ms latency.

PyPI License Python

Installation

pip install tealtiger-haystack

Quick Start

Zero-Config Mode (Observe)

Add governance to any Haystack pipeline with zero configuration. In this mode, TealTiger observes all traffic, tracks cost estimates, detects PII, and allows everything through unchanged — producing structured audit entries for observability.

from haystack import Pipeline
from haystack_integrations.components.connectors.tealtiger import (
    TealTigerGovernanceComponent,
)

pipeline = Pipeline()
pipeline.add_component("governance", TealTigerGovernanceComponent())
pipeline.add_component("llm", your_generator)
pipeline.connect("governance.text", "llm.prompt")

result = pipeline.run({"governance": {"text": "What is the capital of France?"}})
# result["governance"]["decision"] contains:
# - correlation_id: UUID v4 for tracing
# - action: "ALLOW"
# - pii_detected: []
# - cost_tracked: 0.000014
# - cumulative_cost: 0.000014
# - evaluation_time_ms: 0.42

Policy Mode (Enforce)

When you provide a TealEngine instance, the component evaluates configured policies and can block requests that violate governance rules.

from tealtiger import TealEngine
from haystack_integrations.components.connectors.tealtiger import (
    TealTigerGovernanceComponent,
)

engine = TealEngine(policies=[
    {"type": "cost_limit", "max_per_session": 5.00},
    {"type": "pii_block", "categories": ["ssn", "credit_card"]},
])

pipeline = Pipeline()
pipeline.add_component(
    "governance",
    TealTigerGovernanceComponent(engine=engine, mode="ENFORCE"),
)
pipeline.add_component("llm", your_generator)
pipeline.connect("governance.text", "llm.prompt")

# Raises GovernanceDenyError if policy violated
result = pipeline.run({"governance": {"text": "Process this request"}})

Features

Feature Zero-Config Policy Mode
PII detection (email, SSN, credit card, phone, IP)
Cost tracking per evaluation
Structured audit entries
Correlation IDs (UUID v4)
Policy enforcement (DENY/ALLOW)
Fail-closed on engine error
Risk scoring

Component API

Input

Name Type Description
text str Input text to evaluate

Output

Name Type Description
text str Passthrough text (unchanged if allowed, empty if denied)
decision dict Structured audit entry with governance decision

Constructor Parameters

Parameter Type Default Description
engine TealEngine | None None TealEngine for policy evaluation
mode str "OBSERVE" Mode: OBSERVE, MONITOR, or ENFORCE
cost_per_1k_tokens float 0.002 Estimated cost per 1000 tokens
raise_on_deny bool True Raise exception on DENY (vs. return empty)
agent_id str | None Auto-generated Agent identifier for audit correlation

Governance Modes

  • OBSERVE — Zero-config default. Allow all, track cost, detect PII, produce audit entries.
  • MONITOR — Policy mode with logging only. Evaluate policies but allow all requests through.
  • ENFORCE — Production mode. Block requests that violate policies.

Audit Entry Structure

Every evaluation produces a structured audit entry:

{
    "correlation_id": "550e8400-e29b-41d4-a716-446655440000",
    "timestamp_ms": 1709234567890.0,
    "action": "ALLOW",
    "mode": "OBSERVE",
    "reason": "Allowed: zero-config observe mode",
    "reason_codes": ["OBSERVE_PASSTHROUGH"],
    "risk_score": 0,
    "pii_detected": [
        {"type": "email", "start": 12, "end": 30, "redacted": "jo**********om"}
    ],
    "cost_tracked": 0.000014,
    "cumulative_cost": 0.000042,
    "evaluation_time_ms": 0.38,
    "metadata": {
        "agent_id": "haystack-pipeline-a1b2c3d4",
        "evaluation_number": 3,
        "input_length": 45,
        "estimated_tokens": 11
    }
}

PII Detection

Built-in pattern detection for:

  • Email addresses
  • US phone numbers
  • Social Security Numbers (SSN)
  • Credit card numbers
  • IP addresses

PII findings are reported in audit entries with redacted values — the original text passes through unchanged in OBSERVE/MONITOR modes.

Error Handling

In ENFORCE mode with raise_on_deny=True:

from haystack_integrations.components.connectors.tealtiger.governance_component import (
    GovernanceDenyError,
)

try:
    result = pipeline.run({"governance": {"text": input_text}})
except GovernanceDenyError as e:
    print(f"Blocked: {e.decision['reason']}")
    print(f"Codes: {e.decision['reason_codes']}")

Development

# Install dev dependencies
pip install -e ".[dev]"

# Run tests
pytest

# Type checking
mypy src/

# Linting
ruff check src/ tests/

License

Apache-2.0 — see LICENSE.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Team-AgentGuard from gravatar.com Team-AgentGuard

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache-2.0)
  • Author: TealTiger Team
  • Tags ai-agents , audit , component , deterministic , governance , guardrails , haystack , llm , pii , policy , security , tealtiger
  • Requires: Python >=3.10
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tealtiger_haystack-0.1.0.tar.gz (16.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

tealtiger_haystack-0.1.0-py3-none-any.whl (13.5 kB view details)

Uploaded Python 3

File details

Details for the file tealtiger_haystack-0.1.0.tar.gz.

File metadata

  • Download URL: tealtiger_haystack-0.1.0.tar.gz
  • Upload date:
  • Size: 16.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for tealtiger_haystack-0.1.0.tar.gz
Algorithm Hash digest
SHA256 db65684a8ef2724a54ace4ca3862da959424367eb677fdc6a10f28495e6be772
MD5 04acacb2c45d1092c25c920f115d3110
BLAKE2b-256 79dac561a543df3e31e9184fd3b6299362bfc2a07f4c8a3cfaba324faf9f0188

See more details on using hashes here.

File details

Details for the file tealtiger_haystack-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for tealtiger_haystack-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3c8045f757b006f1e625f68c3a73ee9d2b754382057502dd1c2a47e4503ca9b4
MD5 88e5af55033114c4df2566b05193d192
BLAKE2b-256 532d81e4d81cdffe6f7669967fc8cf9bb0e99f8f8596b5f6e9cfd5ae5a482aea

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page