Pre-governance observation engine for AI agents.
Tesseract is the on-ramp to Faramesh Core governance. It wraps your agent's tool calls in zero-policy observe mode, records everything, analyzes behavioral patterns, and auto-generates a calibrated initial policy — so you can enable enforcement with confidence instead of guessing.
Without observation, the path is: guess at policies → deploy → break production → disable governance.
With Tesseract: instrument → observe → auto-generate policy → review → enforce.
go get github.com/faramesh/tesseractimport "github.com/faramesh/tesseract"
// 1. Create an observer
obs := tesseract.NewObserver(100000)
// 2. Record tool calls (wrap your existing tool execution)
obs.Record(tesseract.ObservedCall{
AgentID: "payment-bot",
SessionID: "sess-001",
ToolID: "stripe/refund",
Args: map[string]any{"amount": 150.00},
})
// 3. Check governance readiness
score := tesseract.CalculateReadiness(obs)
fmt.Printf("Readiness: %d/100 (%s)\n", score.Score, score.Level)
// 4. Auto-generate a policy
gen := tesseract.NewPolicyGenerator(obs)
policy := gen.Generate()
fmt.Print(policy.ToFPL())Zero-policy observation of all agent tool calls. Nothing is denied or deferred — everything is recorded for analysis.
- Ring-buffer storage (configurable max calls)
- Per-agent and per-session grouping
- Tool frequency analysis
- Error rate tracking
Analyzes observed patterns and computes a 0-100 readiness score:
Score: 67/100 ⚠️ Needs Attention
──────────────────────────────────
✓ 23 distinct tools observed
✗ 4 tools have global blast radius
✗ Error rate exceeds 10%
Levels: not_ready → basic → moderate → ready → production
Auto-generates FPL policy drafts from observed patterns:
- Classifies tools by blast radius (none/local/network/global)
- High-blast-radius tools → DEFER (require human approval)
- High-frequency routine tools → PERMIT with rate limits
- Unknown tools → DEFER (conservative default)
- Each rule includes confidence score and evidence
Post-enforcement continuous monitoring for behavioral drift — argument distribution changes, new tools, frequency anomalies.
faramesh tesseract observe --agent payment-bot --output ./observations/
faramesh tesseract score --agent payment-bot
faramesh tesseract generate --agent payment-bot --last 7d --output policy.yaml
faramesh tesseract drift --agent payment-bot --since 30dTesseract stores structural signatures and statistical summaries only — never raw argument values. An observation store can be shared for analysis without leaking production data.
| Product | Layer | Purpose |
|---|---|---|
| Tesseract | Pre-governance | Observe → generate policy |
| Core | L1 enforcement | Deterministic tool call governance |
| Sverm | L3 detection | Cross-agent behavioral analysis |
| Hub | Distribution | Policy pack registry |
| Horizon | Enterprise | Fleet management, compliance, SSO |
Apache License 2.0 — see LICENSE.