Cookbook

Task-oriented recipes. Each one is copy-paste, tested against the public sandbox, and ends in a verifiable outcome (verdict + ledger receipt).

3 min · proxy

Drop-in OpenAI redirect

Govern every OpenAI call without changing application code. One env-var swap.

5 min · cli + mcp

Govern Claude Code end-to-end

CLI Firewall on the shell, MCP Gateway on the tool calls, Glass Box Ledger on every action.

7 min · mcp

Govern an MCP tool call

Per-tool specialist Guardian for stripe.create_refund — schema-aware and intent-aware.

8 min · sdk

Apply JSON Patches in LangChain

Wrap any LangChain LLM call with the Guardian, apply RFC 6902 corrections inline.

10 min · siem

Stream verdicts to Splunk / Datadog / CloudWatch

Three-stream architecture (ops / security / audit) with the right retention per stream.

6 min · cli

Sandbox a coding agent's CLI

Block destructive shell commands from Claude Code, Cursor agents, Devin, and friends.

4 min · proxy

Redact PII before egress

Drop-in PII Guardian, with a forensic record of every redacted span.

12 min · platform

Multi-tenant Guardian fleet

Per-tenant LoRA hot-swap, per-tenant Glass Box Ledger partitions, per-tenant SLAs.

---

Conventions

• All recipes assume TRINITITE_API_KEY and TRINITITE_BASE are exported.
• Every recipe ends in a verifiable outcome — typically a ledger_id you can GET /v1/logs/:id to confirm.
• Where curl is shown, equivalent Python and Node tabs follow.
• Sandbox keys (tk_test_…) work for every recipe; production keys (tk_live_…) require an enterprise plan.