Integration · LangGraph · AI agent governance

Govern LangGraph agents with Talon.

LangGraph makes it easy to build agentic workflows. Talon adds the runtime governance layer around model calls, tool exposure, PII, cost, EU routing, and signed evidence.

Run the 60-second demo AI agent governance guide View on GitHub

LangGraph agent
  → ChatOpenAI / OpenAI client
  → Talon gateway
      → PII scan
      → model policy
      → tool filtering
      → cost cap
      → evidence
  → LLM provider

LangGraphTool governancePII controlsCost capsEvidence

Problem

LangGraph agents need controls around both prompts and tools.

Agent frameworks help teams compose reasoning, tool calls, and stateful workflows. That power creates governance questions: which tools are exposed, which model receives sensitive data, how many steps can execute, and how can the team prove what happened?

🛠️

Tool exposure

Filter dangerous tools before the model sees them, or block the whole request when unsafe tools are present.

🔐

PII in prompts

Detect and redact customer or employee identifiers before forwarding to a provider.

💶

Agent cost

Attribute and control cost by caller, tenant, agent, or workflow before spend gets out of control.

Minimal setup

Point the LangGraph model client at Talon.

The first integration path is the LLM API gateway. Keep your LangGraph application logic and change the OpenAI-compatible base URL so model traffic passes through Talon.

from langchain_openai import ChatOpenAI

llm = ChatOpenAI(
    model="gpt-4o-mini",
    base_url="http://localhost:8080/v1/proxy/openai/v1",
    api_key="<talon-caller-key>",
)

# Use llm inside your LangGraph nodes as usual.

Governance pattern

What Talon controls for LangGraph agents.

LangGraph risk	Example	Talon control
Prompt contains PII	Support ticket includes email, IBAN, or phone number	Input scan, redact/block/warn policy, data-tier classification
Agent exposes unsafe tool	`delete_records`, `export_all_customers`	Forbidden tools, allowed tools, filter/block mode
Unapproved model	Confidential workflow sent to a non-approved provider	Model allowlists and EU data sovereignty routing
Runaway loop cost	Multi-step graph triggers many model calls	Per-caller, per-request, daily, monthly, and per-run cost controls
No audit evidence	Only application logs exist after the run	Signed evidence records with policy decision, PII findings, model, cost, and hashes

Verify

Check evidence after a LangGraph run.

After routing traffic through Talon, inspect recent evidence and verify the signature. This gives engineering, security, compliance, and FinOps a shared record of what happened.

talon audit list --limit 10

talon audit show <evidence-id>

talon audit verify <evidence-id>

talon costs --tenant default

Next step

Govern one LangGraph workflow first.

Start with a workflow that has customer data, tools, or repeated model calls. Add Talon as the gateway, define one tool policy, and verify evidence.

Run the demo Compare with a PII proxy