Dativo Talon

$ talon audit list
ID          TIME                 CALLER        PII              COST(€)  MODEL         DECISION
evt_a1b2c3  2026-03-15T10:23:45  support-bot   email(1)         0.003    gpt-4o-mini   allowed
evt_d4e5f6  2026-03-15T10:24:12  hr-assistant  iban(2)          0.000    gpt-4o        blocked:pii
evt_x9y0z1  2026-03-15T10:24:45  eng-tools     none             0.000    —             blocked:tool
evt_g7h8i9  2026-03-15T10:25:01  eng-tools     none             0.012    claude-3.5    allowed
evt_j0k1l2  2026-03-15T10:25:30  support-bot   email(1),phone   0.004    gpt-4o-mini   allowed:redacted

One URL change. PII scan, tool block, tamper-proof record. No code rewrites.

Talon is a single Go binary in front of OpenAI, Anthropic, and Bedrock. Point your app at localhost:8080/v1/proxy/openai instead of api.openai.com — same API, same response. Every call is policy-checked, PII-scanned, cost-tracked, and logged. Works with Slack bots, OpenClaw, CoPaw, and other OpenAI-compatible clients. Built for EU teams that need strong governance signals (GDPR, NIS2, DORA, EU AI Act); Apache 2.0.

---

Install Options (pick one)

• Go (fastest): go install github.com/dativo-io/talon/cmd/talon@latest
• Release binary (checksummed): GitHub Releases + checksums.txt
• Container image: ghcr.io/dativo-io/talon:latest (also :vX.Y.Z, :X.Y)
• Install script (checksum verification included): curl -sSL https://install.gettalon.dev | sh

Note: GitHub may still show Packages 0 in the sidebar. Use the release artifacts and GHCR image coordinates above as the source of truth.

Artifact verification quick check:

# verify release assets exist
LATEST=$(gh release view --json tagName -q .tagName)
gh release view "$LATEST" --json assets -q '.assets[].name'

# verify GHCR image is published
docker pull ghcr.io/dativo-io/talon:latest

60-Second Demo (no API key needed)

git clone https://github.com/dativo-io/talon && cd talon
cd examples/docker-compose && docker compose up

# In another terminal — send a request with PII:
curl -X POST http://localhost:8080/v1/proxy/openai/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"My email is jan@example.com and my IBAN is DE89370400440532013000. Help me reset my password."}]}'

# See the record (PII detected, cost, decision):
docker compose exec talon /usr/local/bin/talon audit list

The mock provider handles the LLM call. Evidence appears immediately — PII detected, cost logged, HMAC-signed record. What exactly does Talon do to your request?

Proof In 30 Seconds

cd examples/docker-compose
docker compose up -d
curl -X POST http://localhost:8080/v1/proxy/openai/v1/chat/completions \
  -H "Content-Type: application/json" \
  -d '{"model":"gpt-4o-mini","messages":[{"role":"user","content":"my email is jan@example.com and iban DE89370400440532013000"}]}'
docker compose exec talon /usr/local/bin/talon audit list --limit 1
docker compose exec talon /usr/local/bin/talon audit show <evidence-id>

Expected outcome:

• request is accepted or policy-blocked based on your config
• evidence row includes PII types + decision
• talon audit verify <evidence-id> returns valid signature

Visual capture workflow (for release notes/social posts):

# generate deterministic sample records for screenshots/GIF capture
bash scripts/demo-recorder.sh

---

What it stops

• Your agent called bulk_delete_users. A PII-only proxy (e.g. CloakLLM, or a DIY FastAPI proxy) never sees tool names — the LLM talks directly to your backend. Talon sits in front of the LLM and the tool layer: MCP tools/call and gateway requests are policy-checked before execution. Forbidden tools are blocked; every call is logged. You get a record nobody can quietly edit.
• A prompt contained an IBAN and the model replied with it. Logging after the fact does not stop the leak. Talon scans input (and optionally response) before the call completes; you can block, redact, or restrict to EU-only models when PII is detected. Budget is evaluated before the call, not after — unlike LiteLLM-style post-spend alerts.
• You have no proof of what ran. Spreadsheets and ad-hoc logs are easy to alter. Talon writes an HMAC-signed evidence record per request to SQLite; verify with talon audit verify. Export to CSV for your compliance officer.
• Third-party AI (Zendesk, Intercom) is a black box. You are liable even if they say they are compliant. Route them through Talon's MCP proxy: you get the same PII scan, tool filter, and tamper-proof record without the vendor rewriting their stack.

See also: Why not just a PII proxy?

Three Ways to Adopt Talon

1. Already Using Third-Party AI Vendors? (MCP Proxy)

Scenario: You pay Many €/month for Zendesk AI Agent, Intercom, or HubSpot AI. It works great, but you can't prove GDPR compliance.

Solution: Route vendor through Talon's MCP proxy (30 minutes setup).

# Point vendor to Talon, gain full visibility
agent:
  name: "zendesk-vendor-proxy"
  type: "mcp_proxy"

proxy:
  upstream: "https://zendesk-ai-agent.com"

pii_handling:
  redaction_rules:
    - field: "customer_email"
      method: "hash"
    - field: "customer_phone"
      method: "mask_middle"

compliance:
  frameworks: ["gdpr", "nis2"]
  audit_retention: 365

Result:

• ✅ Vendor keeps working (transparent proxy)
• ✅ You have a tamper-proof record (GDPR Article 30 exports)
• ✅ PII redacted before vendor access
• ✅ Can block forbidden operations

See: VENDOR_INTEGRATION_GUIDE.md

---

2. Already Have Custom AI Automation? (Wrap with Talon)

Scenario: You built a Slack bot 6 months ago. Works great, but compliance officer needs verifiable records.

Solution: Add 5 lines of code to route through Talon (4 hours setup).

# BEFORE (ungoverned)
response = openai.ChatCompletion.create(
    model="gpt-4",
    messages=[{"role": "user", "content": query}]
)

# AFTER (governed) - 5 lines changed
response = requests.post("http://localhost:8081/v1/chat/completions", json={
    "agent_id": "slack-support-bot",
    "model": "gpt-4",
    "messages": [{"role": "user", "content": query}]
})

Result:

• ✅ Bot keeps working (same UX)
• ✅ Stronger GDPR + NIS2 control coverage with auditable records
• ✅ No rewrite needed
• ✅ Audit-ready in 1 day

See: ADOPTION_SCENARIOS.md

---

3. Building New AI Agents? (Native Talon)

Scenario: Greenfield project, want governance controls from Day 1.

Solution: Use Talon from the start (2 minutes to first agent).

# Install
go install github.com/dativo-io/talon/cmd/talon@latest
# macOS: if you see "unsupported tapi file type" or clang linker error, use:
#   CC=/usr/bin/clang go install github.com/dativo-io/talon/cmd/talon@latest
# or: curl -sSL https://install.gettalon.dev | sh

# Initialize (interactive wizard in a terminal; use --scaffold for quick defaults)
mkdir my-agents && cd my-agents
talon init

# Configure secrets (or use env: export OPENAI_API_KEY=sk-proj-...)
talon secrets set openai-api-key "sk-proj-..."

# Run first governed agent
talon run "Summarize EU AI regulation trends"

Result:

• ✅ Compliant from Day 1
• ✅ No custom policy code
• ✅ Policy-as-code in YAML
• ✅ Audit trail automatic

See: QUICKSTART.md

---

Install

Talon requires Go 1.22+ and CGO (for SQLite). Standard options:

From source (any branch, recommended for development):

git clone https://github.com/dativo-io/talon.git
cd talon
git checkout main   # or feat/your-branch
make build          # → bin/talon
# or: make install  # → $GOPATH/bin/talon

On macOS, make build / make install use the system Clang by default so CGO linking works. If you use go build or go install directly and see unsupported tapi file type '!tapi-tbd', set the compiler: CC=/usr/bin/clang CGO_ENABLED=1 go build -o bin/talon ./cmd/talon/.

From a released version (stable):

go install github.com/dativo-io/talon/cmd/talon@latest
# or a specific tag: ...@v1.0.0

macOS: If go install fails with unsupported tapi file type '!tapi-tbd' (Homebrew LLVM vs Apple SDK), use system Clang: CC=/usr/bin/clang go install github.com/dativo-io/talon/cmd/talon@latest. Or clone the repo and run make install (Makefile forces system Clang).

Note: You cannot install a branch with go install ...@branch-name; Go expects a module version (tag or pseudo-version). To run a branch, clone the repo and use make build or make install from that branch.

---

Quick Start (2 minutes)

# Install (see Install section above), then:
mkdir my-agents && cd my-agents
talon init          # Interactive wizard (in a terminal); or: talon init --scaffold for quick defaults

# Set your LLM provider key (or use vault: talon secr