ADK has good tooling for building agents but no built-in mechanism for producing verifiable audit records at runtime.
In regulated environments (finance, healthcare), the question isn't just whether an agent used a tool - it's whether you can prove it cryptographically after the fact. Logs can be altered. A tamper-evident audit trail can't.
The gap: there's no pre/post tool invocation hook where you can attach a signing step. To do this today you have to patch the BaseTool class or wrap every tool manually.
A lifecycle callback on BaseTool (before_run, after_run with full context: agent_id, tool_name, inputs, outputs, timestamp) would make this pluggable. Third-party governance layers could attach without forking core.
Has this come up in the roadmap discussions? Happy to write a design doc if there's interest in the hook interface.
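The manual per-tool wrapping described above, with a tamper-evident record per call, as an added example that is not part of the original post and does not use ADK's API. `AuditTrail`, `wrap` and `demo` are hypothetical names; HMAC-SHA256 from the standard library stands in for the signing step, and inputs and outputs are assumed to be JSON-serialisable.

```python
import hashlib, hmac, json, time

GENESIS = "0" * 64  # "prev" value of the first record

class AuditTrail:  # hash-chained, HMAC-authenticated records (hypothetical helper)
    def __init__(self, key: bytes):
        self._key, self.records = key, []

    def _mac(self, body: dict) -> str:  # MAC over canonical JSON of the record
        data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self._key, data, hashlib.sha256).hexdigest()

    def append(self, agent_id, tool_name, inputs, outputs):
        body = {
            "agent_id": agent_id, "tool_name": tool_name,
            "inputs": inputs, "outputs": outputs, "timestamp": time.time(),
            # Chaining to the previous MAC exposes deletion and reordering.
            "prev": self.records[-1]["mac"] if self.records else GENESIS,
        }
        self.records.append({**body, "mac": self._mac(body)})

    def wrap(self, agent_id, tool_name, fn):
        def audited(**kwargs):  # manual per-tool wrapper: run, then record
            try:
                result = fn(**kwargs)
            except Exception as exc:  # failed calls are audited too
                self.append(agent_id, tool_name, kwargs, {"error": repr(exc)})
                raise
            self.append(agent_id, tool_name, kwargs, result)
            return result
        return audited

    def verify(self) -> int:
        """Return the index of the first bad record, or -1 if the chain is intact."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "mac"}
            if rec["prev"] != prev or not hmac.compare_digest(rec["mac"], self._mac(body)):
                return i
            prev = rec["mac"]
        return -1

def demo():  # constructed sample tool, agent id and key
    trail = AuditTrail(b"demo-key")
    tool = trail.wrap("agent-1", "get_balance", lambda account: {"balance": 100})
    tool(account="A-1"), tool(account="A-2")
    before = trail.verify()
    trail.records[0]["outputs"] = {"balance": 999}  # simulated after-the-fact edit
    return before, trail.verify()
```

The chain catches edits, removals from the middle and reordering, but dropping records from the end is only detectable if the latest MAC is also stored somewhere the log writer cannot change. Anyone holding the HMAC key can forge records, so proof to a third party needs an asymmetric signature in place of `_mac`.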