Skip to content

feat: Add tutorial on securing pipelines against runaway costs and PII leaks#467

Open
nagasatish007 wants to merge 3 commits into
deepset-ai:mainfrom
agentguard-ai:feat/tealtiger-governance-tutorial
Open

feat: Add tutorial on securing pipelines against runaway costs and PII leaks#467
nagasatish007 wants to merge 3 commits into
deepset-ai:mainfrom
agentguard-ai:feat/tealtiger-governance-tutorial

Conversation

@nagasatish007

@nagasatish007 nagasatish007 commented Jun 17, 2026

Copy link
Copy Markdown

New Tutorial: Securing Pipelines Against Runaway Costs and PII Leaks

Adds tutorial #50 demonstrating how to add deterministic governance to Haystack pipelines using TealTiger.

What it covers

  1. Building a RAG pipeline with Haystack
  2. Detecting PII (SSNs, credit cards) in pipeline context before it reaches the LLM
  3. Detecting secrets/API keys in retrieved documents
  4. Enforcing per-session cost budgets to prevent infinite agent loops
  5. Creating a custom TealTigerGovernanceFilter Haystack component
  6. Inspecting structured governance audit trails

Why this is useful for Haystack users

Once agents can call tools and query databases, new risks appear: PII flowing to the model, secrets in generated code, and cost runaway from infinite loops. This tutorial shows how to prevent all three with a deterministic governance layer that adds <5ms overhead and requires no additional LLM calls.

Tutorial metadata

  • Level: Intermediate
  • Time to complete: 20 min
  • Dependencies: tealtiger
  • Components used: OpenAIChatGenerator, Pipeline, custom @component

Checklist

  • Follows the template.ipynb structure
  • Includes installation, setup, step-by-step sections, and "About us" footer
  • Added entry to index.toml
  • File follows naming convention: 50_Securing_Pipelines_Against_Runaway_Costs_and_PII_Leaks.ipynb
  • No API keys or secrets in the notebook

About TealTiger

TealTiger is an open-source (Apache 2.0) deterministic governance SDK for AI agents. It provides PII detection, secret scanning (500+ patterns), cost tracking, and policy enforcement with <5ms overhead and no LLM in the governance path. Available on PyPI and npm.

Note: TealTiger is already listed as a community integration in the Haystack documentation:
https://haystack.deepset.ai/integrations/tealtiger

The tealtiger-haystack package is available on PyPI and follows the Haystack integration pattern. This tutorial complements the existing integration page by providing a hands-on walkthrough showing the governance capabilities in action within a pipeline context.

This tutorial covers securing multi-agent pipelines against runaway costs and PII leaks using TealTiger governance. It includes steps for building a RAG pipeline, installing dependencies, and implementing governance checks.
Added a new tutorial entry for securing pipelines.
@nagasatish007 nagasatish007 requested a review from a team as a code owner June 17, 2026 17:49
@review-notebook-app

Copy link
Copy Markdown

Check out this pull request on  ReviewNB

See visual diffs & provide feedback on Jupyter Notebooks.


Powered by ReviewNB

@nagasatish007

Copy link
Copy Markdown
Author

@julian-risch Can you please review the PR :)

@julian-risch

Copy link
Copy Markdown
Member

@julian-risch Can you please review the PR :)

Hello @nagasatish007 , My colleagues @bilgeyucel and @kacperlukawski will review your PR. Thank you for your patience!

@nagasatish007

Copy link
Copy Markdown
Author

Hi @bilgeyucel @kacperlukawski can you please review the PR.Thanks.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

  • Adds a new Haystack tutorial notebook focused on adding deterministic governance (PII/secret detection + cost controls) with TealTiger.
  • Registers the new tutorial in index.toml so it appears in the tutorials index.

Changes:

  • New tutorial notebook: 50_Securing_Pipelines_Against_Runaway_Costs_and_PII_Leaks.ipynb
  • Adds tutorial metadata entry to index.toml

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 11 comments.

File Description
tutorials/50_Securing_Pipelines_Against_Runaway_Costs_and_PII_Leaks.ipynb Introduces the new tutorial content and example code for governance scanning/filtering and cost tracking.
index.toml Adds tutorial #50 metadata (title/description/level/weight/notebook/deps).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

"# Simulated documents that contain sensitive data\n",
"documents = [\n",
" Document(\n",
" content=\"Customer John Smith, SSN: 123-45-6789, has an outstanding balance of $4,200.\",\n",
" meta={\"source\": \"customer_records\"},\n",
" ),\n",
" Document(\n",
" content=\"The database connection uses password: sk-prod-8f2a9b4c1d3e5f6a7b8c9d0e and connects to prod-db.internal.company.com.\",\n",
Comment on lines +159 to +161
"## Building a Governed RAG Pipeline\n",
"\n",
"Now let's build a Haystack RAG pipeline that uses the governed client. TealTiger integrates at the LLM client level, so it works transparently with any Haystack component that calls OpenAI."
Comment on lines +206 to +208
"## Testing: Safe Document (No PII)\n",
"\n",
"Let's first query with the earnings report document -- this contains no sensitive data and should pass governance."
"\n",
"print(\"Query: What was the Q4 revenue?\")\n",
"print(f\"Answer: {result['llm']['replies'][0].text}\")\n",
"print(\"\\nGovernance: ALLOWED (no PII or secrets detected)\")"
Comment on lines +286 to +289
"## Building a Governed Pre-Processing Component\n",
"\n",
"To integrate TealTiger directly into a Haystack pipeline, you can create a custom component that scans content before it reaches the LLM:"
]
Comment on lines +397 to +398
"import json\n",
"\n",
"cell_type": "markdown",
"metadata": {},
"source": [
"# Tutorial: Secure Multi-Agent Pipelines Against Runaway Costs and PII Leaks\n",
"\n",
"- **Level**: Intermediate\n",
"- **Time to complete**: 20 min\n",
"- **Components Used**: [`OpenAIChatGenerator`](https://docs.haystack.deepset.ai/docs/openaichatgenerator), [`Agent`](https://docs.haystack.deepset.ai/docs/agent), [`Pipeline`](https://docs.haystack.deepset.ai/docs/pipeline)\n",
Comment on lines +175 to +178
"# Build the RAG pipeline with TealTiger governance\n",
"rag_pipeline = Pipeline()\n",
"\n",
"# Use Haystack's OpenAIChatGenerator -- TealTiger governs at the API level\n",

@kacperlukawski kacperlukawski left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, @nagasatish007! That's an important topic, however I would prefer the tealtiger-haystack to be used instead of manual wiring. We have an integration in place, and that should be the preferred way.

…rnanceComponent)

Addresses reviewer feedback:
- Use tealtiger-haystack package with TealTigerGovernanceComponent
- Component properly wired into pipeline graph (not manual)
- Fix title: remove 'Multi-Agent' (no Agent used)
- Fix metadata: remove Agent from components list
- Use obviously invalid PII placeholders (000-00-0000)
- Remove fake sk- prefixed secrets
- Remove unused json import
- Fix premature governance claims
- Show OBSERVE mode (zero-config) and ENFORCE mode (policies)
- Demonstrate cost budget enforcement
- Show structured audit trail inspection
@nagasatish007

Copy link
Copy Markdown
Author

Thanks @kacperlukawski — great point! I've completely rewritten the tutorial to use the tealtiger-haystack integration package (TealTigerGovernanceComponent) as the primary approach. No more manual wiring.

Changes in the latest commit:

  • Uses pip install tealtiger-haystack and imports from haystack_integrations.components.connectors.tealtiger
  • TealTigerGovernanceComponent is added to the pipeline and connected via pipeline.connect() — proper Haystack component pattern
  • Removed the custom component / manual wiring entirely
  • Also addressed all Copilot review comments (invalid placeholder PII, removed fake sk- secrets, fixed title/metadata, removed unused imports)

Tutorial now covers:

  1. Zero-config OBSERVE mode — component added with no arguments, tracks cost + PII automatically
  2. ENFORCE mode — policies block PII/secrets before they reach the LLM
  3. Cost budget enforcement — prevents runaway agent loops
  4. Structured audit trail inspection — correlation IDs, timestamps, findings

Let me know if there's anything else you'd like adjusted!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants