No. TealTiger evaluates governance decisions deterministically from the active policy, request metadata, and runtime context. The same input and policy produce the same decision every time, without asking a model to judge the request.
TealTiger is designed to add less than 5ms per governance evaluation in normal runtime paths. Provider network latency and model generation time usually dominate the total request time.
No. TealTiger runs in-process with your application, so you can add governance without deploying a separate service. Teams that want centralized collection or dashboards can still export evidence and events to their own infrastructure.
TealTiger documents support for 12 LLM providers: OpenAI, Anthropic, Google Gemini, AWS Bedrock, Azure OpenAI, Cohere, Mistral AI, DeepSeek, Groq, Together AI, Hugging Face TGI, and xAI/Grok. Provider-specific keys should stay in environment variables or other secret-management systems, not in source files.
Yes. TealTiger is open source and licensed under Apache 2.0. That means you can use, modify, and distribute it under the terms of the repository license.
Follow the repository Security Policy. Do not open a public GitHub issue for a vulnerability if the security policy asks for private reporting first.
Usually, yes. The repository documents platform and framework integrations for AWS Bedrock Agents, AWS AgentCore, Azure AI Agent Service, LangChain, CAMEL-AI, Haystack, and the Vercel AI SDK, with additional framework adapters planned or documented in the integration specs.
ENFORCE is the production-style mode: denied decisions can block or redact the
request. MONITOR evaluates policy and records decisions while allowing the
request through. REPORT_ONLY is for low-impact reporting workflows where teams
want governance output without changing runtime behavior.