Dativo Talon documentation

Dativo Talon is a self-hostable governance gateway for LLM applications, AI agents, and vendor AI workflows. It helps teams enforce policy before provider access and produce signed evidence after each decision.

Use these docs to install Talon, route existing AI traffic through the gateway, configure PII and tool controls, cap spend, enforce EU data-sovereignty and egress rules, and export audit-ready evidence.

Latest release highlights

Recent Talon development added user-facing controls and proof artifacts that matter for operators, DPOs, and security reviewers:

• Auditor handoff pack — generated sample package with signed evidence, compliance report, GDPR Art. 30 RoPA, and EU AI Act Annex IV technical-documentation output.
• RoPA and Annex IV exports — talon compliance ropa and talon compliance annex-iv merge declared organisational facts with runtime facts from signed evidence.
• Declaration-missing workflow — exports flag missing controller, processing, retention, or system facts instead of pretending the record is complete.
• Egress and data-flow evidence — signed records can show where classified data moved, which destinations were blocked, and where transfer gaps remain unresolved.
• Governance control matrix — one reference page maps controls across runner, gateway, MCP server/proxy, and graph-adapter entry paths.

Read the release notes before upgrading or copying older configuration snippets.

Start here

• 60-second demo — run a no-key Docker demo and inspect signed evidence.
• Evidence integrity proof — export signed evidence, tamper with a field, and verify failure.
• Quickstart — choose the right path: existing app, new agent, or demo.
• Your first governed agent — install, initialize, run, and inspect evidence.
• Add Talon to your existing app — point an existing OpenAI-compatible client at Talon.

Auditor and compliance workflows

• Sample auditor pack — see the exact files you can hand to a DPO, customer security reviewer, or internal audit.
• Export evidence for auditors — export reduced reports, signed evidence, RoPA, and Annex IV packs.
• Clear DECLARATION MISSING blocks — fill the declared facts Talon cannot infer from evidence.
• Evidence integrity specification — independently verify signed evidence records.
• Governance control matrix — understand which controls run on each Talon entry path.

Common use cases

• Add compliance to a Slack bot
• Govern OpenClaw with Talon
• Offer Talon to multiple customers

Key concepts

• What Talon does to your request
• Evidence store
• Why not just a PII proxy?
• Agent planning
• Memory governance

Reference

• Configuration
• Authentication and key scopes
• Provider registry
• Gateway dashboard
• Threat model
• Conformance
• Benchmarks
• Observability
• Policy cookbook
• Release notes

Source of truth

The source markdown lives in the dativo-io/talon repository. This site is the canonical public documentation surface for indexing, navigation, and customer evaluation.