Controls rebuilt per app
Each team creates its own model rules, PII handling, tool permissions and provider wiring.
Give support bots, coding assistants, internal copilots and AI workflows shared cost control, reliability, policy and session understanding. Talon enforces the boundary before access and leaves signed evidence behind every decision.
The problem changes after the first AI app
AI apps, agents and coding tools should not each reinvent budgets, failure behavior, data policy, session visibility and incident evidence. Talon gives them one operating and policy layer without becoming the orchestrator.
Each team creates its own model rules, PII handling, tool permissions and provider wiring.
Retries and fallback become ad hoc, and availability pressure can silently weaken policy.
Operators cannot quickly explain what one use case did, spent, or why it stopped.
Four control-plane outcomes
Each control runs on the same governed path and produces the evidence needed to explain the result.
Per-request and per-use-case budgets, session soft caps, pre-provider denial and signed reasons for budget decisions.
Control spend →Supported transient failures can engage an explicit fallback chain. Every candidate is re-checked against the resolved effective policy.
See reliability →Resolve the organization baseline and one explicit use-case override for models, providers, cost, PII, tools and egress.
Apply policy →Inspect sessions with cost, denials, routing, subagent attribution and signed request history inside the authenticated use-case boundary.
Understand sessions →How it works
A decision you can inspect
Talon estimates the next request before provider access, compares the projected session total with effective policy, prevents the call when the limit would be crossed, and records the decision as signed evidence.
Explore signed runtime evidence →hmac: validThree reproducible proof stories
Cross a use-case or session limit, confirm the next request is denied before provider access, then inspect the signed reason.
Cost proof →Trigger a supported transient failure and verify that every fallback candidate is checked against the same effective policy.
Reliability proof →Deny a disallowed tool, PII flow, model or egress destination before access, then verify the evidence.
Policy proof →Technical and operator detail
Talon resolves the presented vault-bound key to the configured agent and tenant, then combines the organization baseline and the use-case override into one effective snapshot. Unknown keys fail; hard organization constraints cannot be weakened.
AI use case key
→ configured agent + tenant
→ organization policy + use-case override
→ effective policy snapshot
→ primary / fallback / reporting / evidenceOn supported transient failures such as timeouts, connection errors, 429s and provider 5xx responses, Talon evaluates an ordered fallback chain. Every candidate is re-checked against provider, model, sovereignty and budget constraints.
primary request
→ transient failure
→ evaluate explicit fallback candidate
→ re-check effective policy
→ serve allowed candidate OR fail closed
→ record signed evidenceThe public product language is “AI use case.” The concrete Talon configuration object is the agent.
talon agentsConfiguration state, health, cost and explicit causes across the installed use cases.
talon costs --agent <name>Attributed cost and effective caps for one use case.
talon audit list --session <id>Requests, providers, models, denials and history for the session.
talon audit show <id> && talon audit verify <id>Inspect the decisive reason, then verify record integrity.
Provider traffic routed through Talon can be governed and evidenced. Visible tool schemas and intercepted MCP calls can be controlled. Local shell commands, file edits, browser actions or direct API calls that bypass Talon remain invisible.
The configured agent is authenticated by its vault-bound key. Client-supplied subagent and session metadata is attribution, not cryptographic workload attestation. Session caps remain soft unless atomic reservation exists.
through Talon
→ effective policy
→ control + evidence
bypasses Talon
→ not controlled
→ not observed
signed evidence
→ tamper-evident runtime proof
→ not a compliance certificateStart with one real use case
Route one existing AI use case through Talon, trigger a budget, reliability or policy condition, and inspect the session and signed evidence before designing a broader rollout.