Skip to content

Importance-weighted governance decision storage for AI agent compliance #2284

Description

@nagasatish007

Use Case

Building multi-agent systems with TealTiger governance — every tool call, LLM request, and agent action produces a deterministic governance decision (allow/deny/monitor) with a risk score. These decisions need persistent memory that:

  1. Retains high-risk security denials (secret detected, PII blocked) for months
  2. Naturally forgets routine low-risk approvals after days/weeks
  3. Allows contextual recall: "what governance decisions were made for this agent in similar situations?"

Goal: governance memory that behaves like human memory — critical security events are memorable, routine approvals fade.

Problem Statement

Governance decisions currently live in flat storage (in-memory or database rows). Every decision gets the same retention regardless of importance. This creates two problems:

  1. Storage bloat — millions of routine ALLOW decisions accumulate with no decay
  2. No contextual recall — when making a new governance decision, there's no way to ask "has this agent been denied for similar actions before?" without scanning the entire history
  3. No importance hierarchy — a critical DENY (risk_score=95, secret detected) has the same storage lifetime as a trivial ALLOW (risk_score=0, routine tool call)

We need memory that understands importance and context, not just timestamps.

How This Feature Would Help

Hindsight's importance-based retention and contextual recall would solve all three problems:

  • Natural decay: Routine ALLOWs (importance=0.60) fade within days. Critical DENYs (importance=0.95) persist for compliance audits.
  • Contextual governance: Before evaluating a new tool call, recall similar past decisions. If an agent was denied 5 times for PII in web_search results, that context informs the next evaluation.
  • Anomaly detection: Query "show me agents whose denial rate spiked vs. their historical baseline" — impossible with flat storage, natural with Hindsight's memory model.

This makes governance adaptive without making it non-deterministic — the policy engine is still rule-based, but it has memory of past outcomes.

Proposed Solution

A HindsightGovernanceMemory adapter that maps TealTiger decisions to Hindsight memories:

from hindsight import HindsightClient
from tealtiger.integrations.hindsight import HindsightGovernanceMemory

hindsight = HindsightClient(api_key="your-key")

memory = HindsightGovernanceMemory(
    client=hindsight,
    importance_map={
        "deny": 0.95,    # Critical — retain for compliance
        "monitor": 0.70, # Notable — retain for pattern detection
        "allow": 0.60,   # Routine — natural decay
    },
)

# Store every governance decision with importance-weighted retention
memory.store(decision)

# Contextual recall before new decisions
past_decisions = memory.recall(
    agent_id="research-agent",
    context="tool_call:web_search",
    limit=5,
)


### Alternatives Considered

1. **Flat database (PostgreSQL)**stores everything equally, no importance weighting, no contextual recall without custom vector search
2. **Dakera integration**we built this (decay-weighted retention), but it lacks Hindsight's contextual recall and semantic similarity
3. **Redis with TTL**simple expiry, but no importance hierarchy (everything expires at the same rate regardless of severity)

### Priority

Important - affects my workflow

### Additional Context

We built a similar pattern with Dakera (another agent memory server): https://github.com/agentguard-ai/tealtiger/blob/main/docs/integrations/dakera.md

Key design principle from that integration: **Storage = evidence/continuity, NOT authority.** A stored ALLOW from yesterday cannot authorize today's action. Every new request gets a fresh deterministic evaluation. Storage informs; it doesn't permit.

Happy to contribute a cookbook example or PR.

- TealTiger: https://github.com/agentguard-ai/tealtiger
- PyPI: `pip install tealtiger`
- Apache 2.0 license


### Checklist

- [x] I would be willing to contribute this feature

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions