‹ Agent Governance Index

Is google/adk-python production-ready?

Mechanical governance score from agent-contracts scan against a clean clone. No vibes, no testimonials — reproducible from the exact commit below.

90/100 A no change since the previous scan
Weakest dimension: secret_safety (8/15). This measures secrets git-ignored, no obvious hardcoded keys. A low score here means an agent built on adk-python can fail in this dimension without the repo signalling it.

Dimension breakdown (100 points)

tests_and_ci — a test suite plus CI that runs it20/20
tool_governance — permission / allowlist / approval / human-in-loop gating on tool calls20/20
secret_safety — secrets git-ignored, no obvious hardcoded keys8/15
eval_harness — an eval / benchmark / labeled-corpus surface15/15
dependency_pinning — a lockfile or pinned dependency manifest7/10
observability — logging / audit / tracing10/10
resilience — retry / backoff / fallback / escalation10/10

Reproduce this score

pip install "agent-contracts @ git+https://github.com/impartshadow/agent-contracts.git"
git clone --depth 1 https://github.com/google/adk-python.git
git -C adk-python checkout 50c81ebfb1
agent-contracts scan --root adk-python --json

Scored commit: 50c81ebfb12f3a865a7e509c26e1c5657496c6c3. The score is the output of a deterministic scanner, not a judgment call — a clean clone reproduces it.

What this score can and can't tell you

This index measures observable governance surface — the guardrails a reliable agent needs. It does not certify that agents built on adk-python behave correctly at runtime. The most expensive agent failure — confidently claiming a task is "done" with nothing to back it — has no surface to grep, so no static score (including this one) can see it. Here's the proof, on the #1-ranked framework.

Every framework is re-scanned on a schedule. The weekly delta — what moved, on which commit, and what it means for teams building on it — goes out at echofromshadow.substack.com.