Proposal: Audit Trail and Trust Scoring Callbacks for ADK #4517

@imran-siddique


Problem

Google ADK provides a powerful agent framework with callbacks and tool decorators, but currently lacks built-in support for:

  • Tamper-evident audit trails - Cryptographic proof of what agents did during execution
  • Trust-based agent delegation - Scoring and gating multi-agent handoffs based on trust metrics
  • Governance policy enforcement - Declarative safety constraints on agent actions

As ADK agents are deployed in enterprise settings, these become critical for compliance, debugging, and safety.

What we've built (Apache-2.0)

AgentMesh and Agent-SRE provide:

  1. Merkle audit chains - Every agent action is hashed into a tamper-evident chain, verifiable offline
  2. 5-dimension trust scoring - Competence, integrity, availability, predictability, transparency
  3. Error budget engine - SRE-style reliability tracking for agent operations
  4. OpenTelemetry agent conventions - Standardized telemetry schema for agent observability
  5. GovernancePolicy - YAML-based policy with blocked patterns, token/tool limits, event hooks

Proposed integration

ADK callbacks that add governance and auditability:

```python
from google.adk import Agent
from adk_governance import AuditCallback, TrustGateCallback, GovernanceCallback, GovernancePolicy

policy = GovernancePolicy.load("policy.yaml")

agent = Agent(
    name="researcher",
    model="gemini-2.0-flash",
    callbacks=[
        AuditCallback(merkle_chain=True),   # Tamper-evident logging
        TrustGateCallback(min_score=0.7),   # Trust-gated delegation
        GovernanceCallback(policy=policy),  # Policy enforcement
    ],
)
```

Why this matters for ADK

  • Enterprise adoption - Governance and auditability are prerequisites for production deployment
  • Natural fit - ADK's callback system is perfect for injecting governance checks
  • Complements existing safety - Works alongside ADK's built-in safety features (content filtering)
  • Standards-aligned - Implements CSA's Agentic Trust Framework zero-trust model
  • OTEL-native - Our telemetry conventions integrate with ADK's existing observability story

Ask

Is there interest in this kind of contribution? We could:

  1. Contribute callback implementations to the community repo (google/adk-python-community)
  2. Propose callback interfaces in core ADK for governance hooks
  3. Build a standalone adk-governance package

Looking for guidance on the preferred approach.
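
Added illustration, not part of the issue and not AgentMesh, Agent-SRE or ADK code: a linear SHA-256 hash chain over agent actions, as one way to read "hashed into a tamper-evident chain, verifiable offline", showing that an offline check only catches a fully re-hashed log when the head hash was anchored somewhere the log writer cannot reach. The record layout, function names and sample actions are assumptions constructed for this example.

```python
import copy
import hashlib
import json
GENESIS = "0" * 64  # constructed start value for the chain

def entry_hash(prev_hash, action):
    # Canonical JSON so identical actions always hash to identical bytes.
    payload = json.dumps(action, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()

def append(chain, action):
    """Append one agent action; return the new head hash to anchor externally."""
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev": prev, "action": action, "hash": entry_hash(prev, action)})
    return chain[-1]["hash"]

def relink(chain):
    """Recompute every link in place (what a writer with full log access can do)."""
    prev = GENESIS
    for rec in chain:
        rec["prev"] = prev
        rec["hash"] = prev = entry_hash(prev, rec["action"])

def verify(chain, trusted_head):
    """Offline check. Returns (status, index of first bad record or None)."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev or rec["hash"] != entry_hash(prev, rec["action"]):
            return "broken_link", i
        prev = rec["hash"]
    # A self-consistent chain proves nothing unless its head matches the anchor.
    return ("ok", None) if prev == trusted_head else ("head_mismatch", None)

# Constructed sample actions; agent and tool names are illustrative only.
SAMPLE_ACTIONS = [
    {"agent": "researcher", "event": "tool_call", "tool": "web_search"},
    {"agent": "researcher", "event": "tool_call", "tool": "read_file"},
    {"agent": "researcher", "event": "delegate", "to": "summarizer"},
]

def demo():
    log = []
    for action in SAMPLE_ACTIONS:
        head = append(log, action)
    edited = copy.deepcopy(log)
    edited[1]["action"]["tool"] = "noop"   # in-place edit of one record
    rewritten = copy.deepcopy(edited)
    relink(rewritten)                       # same edit plus a full re-hash
    return verify(log, head), verify(edited, head), verify(rewritten, head)
```

`demo()` returns the verification result for the untouched log, for a log with one edited record, and for an edited log whose links were all recomputed; only the comparison against the separately stored head flags the last case.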

Labels: core [Component] This issue is related to the core interface and implementation