$ talon audit list
ID TIME CALLER PII COST(β¬) MODEL DECISION
evt_a1b2c3 2026-03-15T10:23:45 support-bot email(1) 0.003 gpt-4o-mini allowed
evt_d4e5f6 2026-03-15T10:24:12 hr-assistant iban(2) 0.000 gpt-4o blocked:pii
evt_x9y0z1 2026-03-15T10:24:45 eng-tools none 0.000 β blocked:tool
evt_g7h8i9 2026-03-15T10:25:01 eng-tools none 0.012 claude-3.5 allowed
evt_j0k1l2 2026-03-15T10:25:30 support-bot email(1),phone 0.004 gpt-4o-mini allowed:redacted
One URL change. PII scan, tool block, tamper-proof record. No code rewrites.
Talon is a single Go binary in front of OpenAI, Anthropic, and Bedrock. Point your app at localhost:8080/v1/proxy/openai instead of api.openai.com β same API, same response. Every call is policy-checked, PII-scanned, cost-tracked, and logged. Works with Slack bots, OpenClaw, CoPaw, and other OpenAI-compatible clients. Built for EU teams that need strong governance signals (GDPR, NIS2, DORA, EU AI Act); Apache 2.0.
- Go (fastest):
go install github.com/dativo-io/talon/cmd/talon@latest - Release binary (checksummed): GitHub Releases +
checksums.txt - Container image:
ghcr.io/dativo-io/talon:latest(also:vX.Y.Z,:X.Y) - Install script (checksum verification included):
curl -sSL https://install.gettalon.dev | sh
Note: GitHub may still show Packages 0 in the sidebar. Use the release artifacts and GHCR image coordinates above as the source of truth.
Artifact verification quick check:
# verify release assets exist
LATEST=$(gh release view --json tagName -q .tagName)
gh release view "$LATEST" --json assets -q '.assets[].name'
# verify GHCR image is published
docker pull ghcr.io/dativo-io/talon:latestgit clone https://github.com/dativo-io/talon && cd talon
cd examples/docker-compose && docker compose up
# In another terminal β send a request with PII:
curl -X POST http://localhost:8080/v1/proxy/openai/v1/chat/completions \
-H "Content-Type: application/json" \
-d '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"My email is jan@example.com and my IBAN is DE89370400440532013000. Help me reset my password."}]}'
# See the record (PII detected, cost, decision):
docker compose exec talon /usr/local/bin/talon audit listThe mock provider handles the LLM call. Evidence appears immediately β PII detected, cost logged, HMAC-signed record. What exactly does Talon do to your request?
cd examples/docker-compose
docker compose up -d
curl -X POST http://localhost:8080/v1/proxy/openai/v1/chat/completions \
-H "Content-Type: application/json" \
-d '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"my email is jan@example.com and iban DE89370400440532013000"}]}'
docker compose exec talon /usr/local/bin/talon audit list --limit 1
docker compose exec talon /usr/local/bin/talon audit show <evidence-id>Expected outcome:
- request is accepted or policy-blocked based on your config
- evidence row includes PII types + decision
talon audit verify <evidence-id>returns valid signature
Visual capture workflow (for release notes/social posts):
# generate deterministic sample records for screenshots/GIF capture
bash scripts/demo-recorder.sh- Your agent called
bulk_delete_users. A PII-only proxy (e.g. CloakLLM, or a DIY FastAPI proxy) never sees tool names β the LLM talks directly to your backend. Talon sits in front of the LLM and the tool layer: MCPtools/calland gateway requests are policy-checked before execution. Forbidden tools are blocked; every call is logged. You get a record nobody can quietly edit. - A prompt contained an IBAN and the model replied with it. Logging after the fact does not stop the leak. Talon scans input (and optionally response) before the call completes; you can block, redact, or restrict to EU-only models when PII is detected. Budget is evaluated before the call, not after β unlike LiteLLM-style post-spend alerts.
- You have no proof of what ran. Spreadsheets and ad-hoc logs are easy to alter. Talon writes an HMAC-signed evidence record per request to SQLite; verify with
talon audit verify. Export to CSV for your compliance officer. - Third-party AI (Zendesk, Intercom) is a black box. You are liable even if they say they are compliant. Route them through Talon's MCP proxy: you get the same PII scan, tool filter, and tamper-proof record without the vendor rewriting their stack.
See also: Why not just a PII proxy?
Scenario: You pay Many β¬/month for Zendesk AI Agent, Intercom, or HubSpot AI. It works great, but you can't prove GDPR compliance.
Solution: Route vendor through Talon's MCP proxy (30 minutes setup).
# Point vendor to Talon, gain full visibility
agent:
name: "zendesk-vendor-proxy"
type: "mcp_proxy"
proxy:
upstream: "https://zendesk-ai-agent.com"
pii_handling:
redaction_rules:
- field: "customer_email"
method: "hash"
- field: "customer_phone"
method: "mask_middle"
compliance:
frameworks: ["gdpr", "nis2"]
audit_retention: 365Result:
- β Vendor keeps working (transparent proxy)
- β You have a tamper-proof record (GDPR Article 30 exports)
- β PII redacted before vendor access
- β Can block forbidden operations
See: VENDOR_INTEGRATION_GUIDE.md
Scenario: You built a Slack bot 6 months ago. Works great, but compliance officer needs verifiable records.
Solution: Add 5 lines of code to route through Talon (4 hours setup).
# BEFORE (ungoverned)
response = openai.ChatCompletion.create(
model="gpt-4",
messages=[{"role": "user", "content": query}]
)
# AFTER (governed) - 5 lines changed
response = requests.post("http://localhost:8081/v1/chat/completions", json={
"agent_id": "slack-support-bot",
"model": "gpt-4",
"messages": [{"role": "user", "content": query}]
})Result:
- β Bot keeps working (same UX)
- β Stronger GDPR + NIS2 control coverage with auditable records
- β No rewrite needed
- β Audit-ready in 1 day
Scenario: Greenfield project, want governance controls from Day 1.
Solution: Use Talon from the start (2 minutes to first agent).
# Install
go install github.com/dativo-io/talon/cmd/talon@latest
# macOS: if you see "unsupported tapi file type" or clang linker error, use:
# CC=/usr/bin/clang go install github.com/dativo-io/talon/cmd/talon@latest
# or: curl -sSL https://install.gettalon.dev | sh
# Initialize (interactive wizard in a terminal; use --scaffold for quick defaults)
mkdir my-agents && cd my-agents
talon init
# Configure secrets (or use env: export OPENAI_API_KEY=sk-proj-...)
talon secrets set openai-api-key "sk-proj-..."
# Run first governed agent
talon run "Summarize EU AI regulation trends"Result:
- β Compliant from Day 1
- β No custom policy code
- β Policy-as-code in YAML
- β Audit trail automatic
See: QUICKSTART.md
Talon requires Go 1.22+ and CGO (for SQLite). Standard options:
From source (any branch, recommended for development):
git clone https://github.com/dativo-io/talon.git
cd talon
git checkout main # or feat/your-branch
make build # β bin/talon
# or: make install # β $GOPATH/bin/talonOn macOS, make build / make install use the system Clang by default so CGO linking works. If you use go build or go install directly and see unsupported tapi file type '!tapi-tbd', set the compiler: CC=/usr/bin/clang CGO_ENABLED=1 go build -o bin/talon ./cmd/talon/.
From a released version (stable):
go install github.com/dativo-io/talon/cmd/talon@latest
# or a specific tag: ...@v1.0.0macOS: If go install fails with unsupported tapi file type '!tapi-tbd' (Homebrew LLVM vs Apple SDK), use system Clang: CC=/usr/bin/clang go install github.com/dativo-io/talon/cmd/talon@latest. Or clone the repo and run make install (Makefile forces system Clang).
Note: You cannot install a branch with go install ...@branch-name; Go expects a module version (tag or pseudo-version). To run a branch, clone the repo and use make build or make install from that branch.
# Install (see Install section above), then:
mkdir my-agents && cd my-agents
talon init # Interactive wizard (in a terminal); or: talon init --scaffold for quick defaults
# Set your LLM provider key (or use vault: talon secrets set openai-api-key "sk-...")
export OPENAI_API_KEY=sk-your-key
# Or: talon secrets set openai-api-key "sk-..."
# Also supports: ANTHROPIC_API_KEY, AWS_REGION (for Bedrock), Ollama (local, no key needed)
# Run your first governed agent
talon run "Summarize the key trends in European AI regulation"You'll see:
β Policy check: ALLOWED
[Agent response appears here]
β Evidence stored: req_xxxxxxxx
β Cost: β¬0.0018 | Duration: 1250ms
Try a policy block β set daily: 0.001 in your agent.talon.yaml, run again, and watch the policy engine deny the request:
β Policy check: DENIED
Reason: budget_exceeded
Inspect and verify the evidence:
talon audit list --limit 10 # List recent evidence
talon audit show <evidence-id> # Full record (classification, PII, HMAC status)
talon audit verify <evidence-id> # Verify signature + compact summary
talon audit export --format csv --from ... --to ... # Export for compliance (includes pii_detected, tiers)(Evidence IDs are shown in run output, e.g. req_xxxxxxxx.)
Deterministic explanation contract (MVP):
- Every evidence record includes
explanations[]with stable fields:code,decision,stage,reason,trigger,fix,policy_ref,version_identity. - List/index surfaces expose
primary_explanation_codeandprimary_explanation_reason. version_identityis dual-factor: declared policy version + canonical policy hash.
Run the full REST API, MCP server, and embedded dashboard:
# Set admin key (for admin + dashboard/metrics endpoints)
export TALON_ADMIN_KEY="replace-with-strong-admin-key"
# Start server (dashboard at / and /dashboard)
talon serve --port 8080
# With MCP proxy for vendor compliance (e.g. Zendesk AI)
talon serve --port 8080 --proxy-config examples/vendor-proxy/zendesk-proxy.talon.yaml
# With LLM API gateway (proxy mode: route OpenAI/Anthropic/Ollama traffic through Talon)
talon serve --port 8080 --gateway --gateway-config examples/gateway/talon.config.gateway.yamlEndpoints include: GET /v1/health, GET /v1/status, POST /v1/agents/run, POST /v1/chat/completions (OpenAI-compatible), GET /v1/evidence, GET /v1/costs, GET /v1/plans/pending (plan review), POST /mcp (native MCP), POST /mcp/proxy (when proxy is configured), **POST /v1/proxy/{provider}/v1/chat/completions** (LLM API gateway when --gateway is set; caller auth via Authorization: Bearer <tenant-key>), and operational control plane endpoints: GET /v1/runs, POST /v1/runs/{id}/kill, POST /v1/runs/{id}/pause, POST /v1/runs/{id}/resume, GET /v1/overrides, POST /v1/overrides/{tenant_id}/lockdown, GET /v1/tool-approvals, POST /v1/tool-approvals/{id}/decide. Tenant-scoped API routes use Authorization: Bearer <tenant-key>. Admin-only routes (including all /v1/runs, /v1/overrides, and /v1/tool-approvals endpoints) use X-Talon-Admin-Key: <key> (or bearer fallback).
For browser navigation to dashboards, include the admin key in the URL once:
http://localhost:8080/dashboard?talon_admin_key=YOUR_TALON_ADMIN_KEYhttp://localhost:8080/gateway/dashboard?talon_admin_key=YOUR_TALON_ADMIN_KEY
Dashboard links preserve this key automatically for subsequent navigation.
See: QUICKSTART.md for serve and dashboard usage.
Route third-party AI vendors (Zendesk, Intercom, HubSpot) through Talon for independent audit and PII redaction:
- Create a proxy config (see
examples/vendor-proxy/zendesk-proxy.talon.yaml). - Start Talon with
--proxy-config:
talon serve --port 8080 --proxy-config path/to/proxy.talon.yaml- Point the vendor at
https://your-talon-host/mcp/proxy.
Talon intercepts MCP traffic, enforces policy, redacts PII, and records evidence. Modes: intercept (block forbidden), passthrough (log only), shadow (audit without blocking).
See: VENDOR_INTEGRATION_GUIDE.md and ARCHITECTURE_MCP_PROXY.md.
Route raw LLM API traffic (OpenAI, Anthropic, Ollama) through Talon so desktop apps, Slack bots, and scripts get the same controls without code changes:
- Create a gateway config (see
examples/gateway/talon.config.gateway.yaml) with providers, caller tenant keys, and optional policy overrides (allowed models, cost limits). - Start Talon with
--gatewayand--gateway-config:
talon serve --port 8080 --gateway --gateway-config path/to/gateway.yaml- Point your app at
https://your-talon-host/v1/proxy/ollama/v1/chat/completions(oropenai,anthropic) and sendAuthorization: Bearer <caller-key>.
Talon identifies the caller, enforces per-caller model and cost policy, records evidence, and forwards to the configured upstream. Costs appear in GET /v1/costs for the caller's tenant.
See: OpenClaw integration, CoPaw integration, Slack bot integration, Desktop apps.
Policy-as-Code β Define agent policy in agent.talon.yaml files. Cost limits, data classification, model routing, tool access, time restrictions β all declarative, version-controlled, auditable.
MCP-Native β Talon speaks Model Context Protocol. Connect any MCP-compatible agent or tool. Every MCP tool call passes through the policy engine. Works as transparent proxy for third-party vendors.
Vendor Integration β Route third-party AI vendors (Zendesk, Intercom, HubSpot) through Talon's MCP proxy. Gain tamper-proof records, PII redaction, and policy enforcement without vendor rewrites. This supports audit readiness even with black-box SaaS.
LLM API Gateway β Route raw LLM API traffic (OpenAI, Anthropic, Ollama) through Talon at /v1/proxy/*. Desktop apps, Slack bots, and scripts use caller API keys; Talon enforces per-caller model and cost policy and records evidence. Same controls as native agents, zero app code changes beyond base URL.
Audited Secrets Vault β API keys encrypted at rest (AES-256-GCM). Per-agent ACLs. Every secret retrieval logged. Upgrade path to Infisical for rotation and SAML.
Prompt Injection Prevention β PDF/DOCX/HTML attachments are sandboxed automatically. Instruction-detection scanner flags injection attempts. Configurable: block, warn, or log.
Agent Memory β Agents write learnings to an audited soul directory. Every memory write passes through a multi-layer pipeline (hardcoded forbidden categories, OPA policy, PII scan, conflict detection) and is HMAC-signed. Shadow mode lets operators observe memory behavior before enabling writes. Retention policies auto-purge expired entries. Prompt injection controls filter which memories enter LLM context. Rollback to any previous state if memory poisoning is detected. Unlike MemOS or mem0, Talon's memory is a compliance asset β not just a developer convenience.
Scheduled & Event-Driven β Cron schedules and webhook triggers. Same policy enforcement whether an agent runs manually, on schedule, or from a GitHub webhook.
Shared Enterprise Context β Read-only company knowledge mounts. All agents share the same org facts. Data classification tier propagates to model routing.
Multi-LLM β OpenAI, Anthropic, AWS Bedrock (EU), Ollama (local). Tier-based routing: public data β cheap models, sensitive data β EU-only models.
Operational Control Plane β Real-time visibility and intervention for running agents. List, pause, resume, and kill runs via admin API. Tenant lockdown halts all agent activity instantly. Runtime overrides disable tools or tighten cost caps without redeploying policy files. Pre-tool approval gates pause execution for human sign-off on sensitive operations. Structured failure taxonomy in evidence records (cost_exceeded, operator_kill, policy_deny, etc.) for incident analysis. See Operational control plane reference.
OpenTelemetry-Native β Traces, metrics, and logs export via OTel. GenAI semantic conventions for LLM observability. Upgrade path to Langfuse + LGTM stack.
| Capability | Talon | MemOS | OpenClaw | LangChain | CrewAI |
|---|---|---|---|---|---|
| Policy enforcement | Yes (OPA) | No | No | No | No |
| Cost control | Yes (per-request) | No | No | No | No |
| PII detection | Yes (EU patterns, configurable) | No | No | No | No |
| Signed evidence record | Yes (HMAC-signed) | No | No | No | No |
| EU data stays in EU | Yes (EU routing) | No | No | No | No |
| MCP support | Yes (native) | Yes | Partial | Partial | No |
| Vendor proxy | Yes (MCP proxy) | No | No | No | No |
| LLM API gateway | Yes (/v1/proxy/) | No | No | No | No |
| Secrets vault | Yes (audited) | No | No | No | No |
| Prompt injection prev. | Yes (3-layer) | No | No | No | No |
| Agent memory | Yes (policy-controlled) | Yes (advanced: KV-cache, graph, LoRA) | No | No | Partial |
| Memory controls | Yes (PII scan, HMAC, rollback) | No | No | No | No |
| Operational control | Yes (kill/pause/lockdown/approve) | No | No | No | No |
| Multi-tenant | Yes | No | No | No | No |
| Open source | Apache 2.0 | Apache 2.0 | Yes | Yes | Yes |
| EU AI Act alignment | Yes | No | No | No | No |
Key differentiator: Talon is the only platform that adds compliance to existing third-party AI vendors without rewriting them. Your Zendesk AI Agent, Intercom bot, or custom Slack automation becomes audit-ready in hours.
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β β β β β
β Agent/User ββββββββββββ Talon ββββββββββββ LLM/Tools β
β β β (Proxy) β β (Vendors) β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β
ββββββββββββ΄βββββββββββ
β β
βΌ βΌ
ββββββββββββββββββββ ββββββββββββββββββββ
β Policy Engine β β Evidence Store β
β (OPA + Rego) β β (SQLite/PG) β
ββββββββββββββββββββ ββββββββββββββββββββ
Single Go Binary (no microservices, no Kubernetes)
Detailed view:
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β β β β β
β β β β β β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β Policy β β MCP Server β β Secrets β
β Engine β β + LLM β β Vault β
β (OPA) β β Router β β (AES-GCM) β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β β
β β β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β Attachment β β Evidence β β Agent β
β Scanner β β Store β β Memory β
β (Injection β β (SQLite + β β (Soul Dir) β
β Prevention) β β OTel + HMAC)β β β
ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ
β β
β β
ββββββββββββββββ ββββββββββββββββββββββββ
β agent.talon β β LLM Providers β
β .yaml β β OpenAI/Anthropic β
β β β Bedrock/Ollama β
ββββββββββββββββ ββββββββββββββββββββββββ
# Project setup
talon init # Interactive wizard (TTY); creates agent + infra config
talon init --scaffold # Quick defaults without wizard (e.g. in CI/scripts)
talon init --pack openclaw # Starter pack (openclaw, fintech-eu, etc.)
talon init --list-providers # List LLM providers; --list-packs, --list-features
talon validate # Validate agent.talon.yaml
# Agent execution
talon run "query" # Run agent with policy enforcement
talon run --dry-run "query" # Show policy decision without LLM call
talon run --attach report.pdf "Summarize" # Process attachments (injection-scanned)
talon run --agent sales --tenant acme "..." # Specify agent and tenant
talon run --policy custom.talon.yaml "..." # Use explicit policy file
# Audit trail
talon audit list # List evidence records
talon audit list --tenant acme --limit 50 # Filter by tenant with limit
talon audit show <evidence-id> # Full record (Layer 3: classification, PII, HMAC)
talon audit verify <evidence-id> # Verify HMAC-SHA256 + compact summary
talon audit export --format csv|json|ndjson|html [--from YYYY-MM-DD] [--to YYYY-MM-DD] # HTML is self-contained
talon compliance report --framework gdpr --format html --output gdpr-report.html # Article-level mapping report
# Secrets vault
talon secrets set <name> <value> # Store encrypted secret (AES-256-GCM)
talon secrets list # List secrets (metadata only, values hidden)
talon secrets audit # View secret access log
talon secrets rotate <name> # Re-encrypt with fresh nonce
# Agent memory
talon memory list [--agent name] # Browse memory index
talon memory show <entry-id> # Full entry detail
talon memory search "query" # Full-text search
talon memory rollback <mem_id> --yes # Rollback to entry (soft-delete newer)
talon memory health [--agent name] # Trust distribution + conflicts
talon memory audit [--agent name] # Evidence chain verification
# Trigger server
talon serve [--port 8080] # Start HTTP server + cron scheduler
# Plan review
talon plan pending [--tenant acme] # List pending plans for review
talon plan approve <plan-id> [--tenant acme] # Approve pending plan
talon plan reject <plan-id> [--tenant acme] # Reject pending plan
talon plan execute <plan-id> [--tenant acme] # Execute an approved plan in non-serve mode
talon approver add --name "Jane Doe" --role team_lead # Generate approver bearer key
talon approver list # List approver identities
talon monitor --tenant acme # Drift signals (cost/denial/PII z-scores)
talon prompt history --tenant acme --agent support-bot # Prompt versions (when audit.include_prompts=true)
talon agents score --tenant acme --agent support-bot # Governance maturity score
talon costs --tenant acme --by-team # Team-level cost attribution
# Sessions
talon session list --tenant acme # List execution sessions
talon session show <session-id> # Show session details
talon session trace <session-id> # Show linked lifecycle evidenceFor OpenAI-compatible and agent-run HTTP endpoints, Talon accepts optional governance headers:
X-Talon-Reasoning: agent-provided decision rationale (stored in signed evidence asagent_reasoning)X-Talon-Session-ID: join an existing governed execution session (or Talon creates one)X-Talon-Agent-Signature+X-Talon-Agent-Timestamp: optional per-agent HMAC request attestation
PII detection uses Presidio-compatible recognizer definitions. Defaults are embedded (EU-focused: email, phone, IBAN, credit card, VAT, SSNs, IP, passport). You can extend or override them without recompiling:
- Global overrides: Put a
patterns.yamlfile in~/.talon/or the project directory. Same YAML format as the built-inpatterns/pii_eu.yaml. Later layers override earlier (embedded β global β per-agent). - Per-agent: In
agent.talon.yamlunderpolicies.data_classificationsetenabled_entities(whitelist),disabled_entities(blacklist), and/orcustom_recognizers(extra patterns). See the commented block intalon init --scaffoldor wizard-generated output.
Attachment (prompt-injection) patterns are configured the same way; see patterns/injection.yaml for the default set.
Semantic enrichment (optional): Redacted PII placeholders can include attributes (e.g. person gender, location scope) so downstream systems get structure without raw data. Enable in policies.semantic_enrichment; see PII semantic enrichment.
| Framework | Status | Key Talon Features |
|---|---|---|
| GDPR | β Core | PII detection, data residency, right to erasure, tamper-proof record |
| ISO 27001 | β Core | Secrets management (A.8.24), logging (A.8.15), access control (A.5.15) |
| NIS2 | β Core | Incident evidence, supply chain controls, risk management |
| DORA | β‘οΈ Partial | ICT incident logging, cost tracking, third-party risk |
| EU AI Act | β Core | Risk classification, human oversight, transparency, documentation |
| SOC 2 | β‘οΈ Partial | Trust services criteria via evidence + signed record |
Talon supports these controls but does not, by itself, certify regulatory compliance. Final compliance depends on your full process, legal interpretation, and operating environment.
GDPR Article 30 Exports: Generate processing records in one command. Shows what data was processed, by which agent, and when.
NIS2 Article 21 Evidence: Signed incident/event logs with timestamps and policy decisions to support risk management and reporting workflows.
DORA ICT Risk Controls: Cost governance, evidence retention, and third-party routing controls provide auditable input for operational resilience programs.
EU AI Act Articles 9, 13, 14: Risk management policies, transparency logs, and human oversight gates as supporting controls.
Before: Custom Slack bot for eSIM support. Works great, but no verifiable record. After: Added Talon in 4 hours (5 lines of code). Added auditable GDPR + NIS2 support controls. ROI: β¬15,000 saved (avoided rewrite) + eliminated fine risk.
Before: Zendesk AI Agent (β¬3,000/month). Black box, no visibility. After: Routed through Talon MCP proxy in 1 week. Full tamper-proof record. ROI: β¬100,000 saved (kept vendor) + stronger GDPR audit evidence.
Before: Building custom AI support from scratch. After: Used Talon from Day 1. Compliant without custom policy code. ROI: β¬25,000 saved (didn't build compliance layer) + faster time to market.
See: ADOPTION_SCENARIOS.md for detailed timelines.
See examples/ for ready-to-use agent configurations:
examples/sales-analyst/β Financial data analysis with PII redactionexamples/support-agent/β Customer support with EU data routingexamples/code-reviewer/β Code review with tool access controlsexamples/vendor-proxy/β Third-party vendor compliance wrapper
Talon is designed for progressive complexity β start simple, add sophistication via configuration:
| Component | MVP (Free) | Growth (Self-hosted) | Enterprise |
|---|---|---|---|
| Storage | SQLite | PostgreSQL | PostgreSQL + S3 WORM |
| Secrets | Embedded vault | Infisical (self-hosted) | Infisical Enterprise / Vault |
| Observability | OTel β stdout | LGTM stack + Langfuse | Datadog / Elastic |
| Agent isolation | Process | Docker / gVisor | Firecracker MicroVMs |
| Protocols | MCP | MCP + A2A | MCP + A2A + custom |
| Auth | API key | OIDC | SAML / SSO |
See CONTRIBUTING.md and AI_ASSISTANCE.md.
Quick ways to help:
- New contributors:
good first issue - Larger tasks:
help wanted - Start here issue: Roadmap + how to contribute
- Roadmap context: ROADMAP.md
- Share a deployment story: case study template
- Maintainer response target: first response within 72 hours (best effort)
For notable releases, we document:
- problem solved,
- who should care,
- how to verify quickly,
- upgrade impact,
- one share artifact (screenshot/GIF/snippet) when relevant.
See CHANGELOG.md and Releases.
Apache 2.0 β See LICENSE
- Documentation: docs/
- Quick Start: QUICKSTART.md
- Contributing: CONTRIBUTING.md
- Code of Conduct: CODE_OF_CONDUCT.md
- Security Policy: SECURITY.md
- Persona Guides: PERSONA_GUIDES.md β How Compliance, CTO, SecOps, FinOps, and DevOps use Talon
- Memory Governance: MEMORY_GOVERNANCE.md
- Vendor Integration: VENDOR_INTEGRATION_GUIDE.md
- Operational Control Plane: docs/reference/operational-control-plane.md β Run management, overrides, tool approval API
- Adoption Paths: ADOPTION_SCENARIOS.md
- Website: https://talon.dativo.io
- Issues: https://github.com/dativo-io/talon/issues
EU AI Act enforcement: August 2026. Do you have evidence and human-oversight controls for your AI operations?
Already using AI vendors? Add policy enforcement and signed evidence in hours, not months.