Add AI Governance to Your Agent in 5 Minutes
A step-by-step guide to adding policy enforcement, PII detection, and compliance receipts to any AI agent.
February 11, 2026 · 5 min read · Tork Network
Why Governance Matters
Your AI agent is making API calls, processing user data, and executing tool calls. Without governance, there's nothing stopping it from leaking a customer's SSN to a third-party API or executing a destructive tool call in production. Governance isn't about compliance theatre — it's about making sure your agent does what you expect, every time, with proof.
Step 1: Install the SDK
Tork has SDKs for every major language. Pick yours:
SDKs are also available for Go, Rust, Ruby, PHP, .NET, Java, Kotlin, Swift, and Elixir. See the full documentation for all install commands.
Step 2: Get Your API Key
Sign up at tork.network/signup to get your API key. The free tier includes 5,000 API calls per month — no credit card required. Your key will look like tork_jwt_... or tork_live_....
Store it as an environment variable:
Step 3: Add the Middleware
Wrap your agent's LLM calls with Tork's governance check. Here's how in Python and JavaScript:
Python
JavaScript
That's it. Every message now passes through Tork before reaching the LLM. PII is automatically detected and redacted, and policies are enforced.
Step 4: Configure Policies
Tork ships with sensible defaults, but you can customise policies to match your requirements. Here's a simple policy config:
Policies can be strict (block on any violation), standard (warn and log), or minimal (log only). You can also define custom per-tool rules.
Step 5: Check Your Dashboard
Once your agent starts making governed calls, head to your Tork dashboard. You'll see:
- Real-time usage stats — API calls, PII detections, policy violations
- Compliance receipts — Cryptographic, HMAC hash-chained proof of every governance decision. Hand these to auditors for HIPAA, GDPR, SOC 2, or PCI-DSS reporting.
- TORKING-X score — A 0–100 governance maturity rating across nine dimensions: Tamper-Evidence, Privacy, Ephemeral Identity, Quality Guardrails, Circuit Breakers, Supply Chain, Tool Safety, Memory Integrity, and HITL Enforcement.
What You Get Out of the Box
- PII detection for 50+ types — Emails, SSNs, credit cards, phone numbers, healthcare IDs, biometric data, and regional formats across 13 countries
- Policy enforcement — Block dangerous tool calls, restrict data access, require human approval for sensitive actions
- Compliance receipts — Tamper-evident, HMAC hash-chained audit trail for every governance decision
- TORKING-X scoring — Quantified governance maturity across nine dimensions
- Kill switch — Instantly halt any agent with a single API call
- 116 framework adapters — LangChain, CrewAI, AutoGen, OpenAI, MCP, and more
- ~20ms latency — Governance checks run fast enough for real-time agent workflows
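The compliance receipts in Step 5 and in the list above are described as HMAC hash-chained. The sketch below is an added example, not Tork's code or receipt format: the field names prev, decision and mac, the genesis value and the sample decisions are all assumptions. It shows why chaining matters: each receipt's MAC covers the previous MAC, so editing or removing a receipt breaks verification from that point on.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed "previous MAC" for the first receipt


def _mac(key, prev, decision):
    # Canonical JSON so a given decision always serialises to the same bytes.
    body = json.dumps(decision, sort_keys=True, separators=(",", ":"))
    return hmac.new(key, f"{prev}|{body}".encode(), hashlib.sha256).hexdigest()


def append_receipt(chain, key, decision):
    """Append a receipt whose MAC covers the decision and the previous MAC."""
    prev = chain[-1]["mac"] if chain else GENESIS
    chain.append({"prev": prev, "decision": decision, "mac": _mac(key, prev, decision)})
    return chain[-1]


def verify_chain(chain, key, expected_head=None):
    """Return -1 if the chain verifies, else the index of the first bad receipt.

    expected_head is the newest MAC as recorded out of band; without it,
    dropping receipts from the end of the chain goes unnoticed.
    """
    prev = GENESIS
    for i, r in enumerate(chain):
        if r["prev"] != prev or not hmac.compare_digest(
                _mac(key, prev, r["decision"]), r["mac"]):
            return i
        prev = r["mac"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(chain)
    return -1


def sample_chain(key):
    """Three constructed governance decisions, chained in order."""
    chain = []
    for d in ({"seq": 1, "action": "redact", "pii": ["ssn"]},
              {"seq": 2, "action": "allow", "pii": []},
              {"seq": 3, "action": "block", "tool": "delete_records"}):
        append_receipt(chain, key, d)
    return chain


if __name__ == "__main__":
    key = b"constructed-demo-key"      # constructed; real keys live in a secret store
    chain = sample_chain(key)
    print("intact:", verify_chain(chain, key, chain[-1]["mac"]))   # -1
    chain[1]["decision"]["action"] = "block"                        # edit one receipt
    print("first bad receipt:", verify_chain(chain, key))           # 1
```

Anyone holding the HMAC key can recompute the whole chain, so the guarantee depends on keeping that key and the recorded head MAC away from whoever can write to the log.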
Next Steps
- Read the full documentation for advanced configuration, framework-specific adapters, and API reference
- Check out Tork Guardian for OpenClaw if you're building with OpenClaw skills
- See pricing plans for higher limits, custom policies, SSO, and enterprise features
- Star us on GitHub and let us know what you're building
Tork Network Pty Ltd — Sydney, Australia