-
Notifications
You must be signed in to change notification settings - Fork 2.9k
Description
Proposal: Audit Trail and Trust Scoring Callbacks for ADK
Problem
Google ADK provides a powerful agent framework with callbacks and tool decorators, but currently lacks built-in support for:
- Tamper-evident audit trails - Cryptographic proof of what agents did during execution
- Trust-based agent delegation - Scoring and gating multi-agent handoffs based on trust metrics
- Governance policy enforcement - Declarative safety constraints on agent actions
As ADK agents are deployed in enterprise settings, these become critical for compliance, debugging, and safety.
What we've built (Apache-2.0)
AgentMesh and Agent-SRE provide:
- Merkle audit chains - Every agent action is hashed into a tamper-evident chain, verifiable offline
- 5-dimension trust scoring - Competence, integrity, availability, predictability, transparency
- Error budget engine - SRE-style reliability tracking for agent operations
- OpenTelemetry agent conventions - Standardized telemetry schema for agent observability
- GovernancePolicy - YAML-based policy with blocked patterns, token/tool limits, event hooks
Proposed integration
ADK callbacks that add governance and auditability:
`python
from google.adk import Agent
from adk_governance import AuditCallback, TrustGateCallback, GovernancePolicy
policy = GovernancePolicy.load("policy.yaml")
agent = Agent(
name="researcher",
model="gemini-2.0-flash",
callbacks=[
AuditCallback(merkle_chain=True), # Tamper-evident logging
TrustGateCallback(min_score=0.7), # Trust-gated delegation
GovernanceCallback(policy=policy), # Policy enforcement
]
)
`
Why this matters for ADK
- Enterprise adoption - Governance and auditability are prerequisites for production deployment
- Natural fit - ADK's callback system is perfect for injecting governance checks
- Complements existing safety - Works alongside ADK's built-in safety features (content filtering)
- Standards-aligned - Implements CSA's Agentic Trust Framework zero-trust model
- OTEL-native - Our telemetry conventions integrate with ADK's existing observability story
Ask
Is there interest in this kind of contribution? We could:
- Contribute callback implementations to the community repo (google/adk-python-community)
- Propose callback interfaces in core ADK for governance hooks
- Build a standalone
adk-governancepackage
Looking for guidance on the preferred approach.