forked from microsoft/agent-governance-toolkit
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathadk-governance.yaml
More file actions
42 lines (35 loc) · 1.01 KB
/
adk-governance.yaml
File metadata and controls
42 lines (35 loc) · 1.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# ADK Governance Policy — Sample Configuration
#
# ⚠️ IMPORTANT: This is a SAMPLE policy for Google ADK agents.
# Review and customize before production use.
version: "1.0"
name: adk-governance
description: >
Sample governance policy for Google ADK agents. Configures tool
restrictions, rate limits, and delegation controls.
disclaimer: >
This is a sample configuration. Customize for your environment.
adk_governance:
# Tools that are always blocked
blocked_tools:
- execute_shell
- run_command
- delete_database
- drop_table
# Maximum tool calls per agent per session
max_tool_calls: 100
# Tools requiring human approval before execution
require_approval_for:
- send_email
- publish_document
- deploy_service
- transfer_funds
# Delegation controls
delegation:
max_depth: 3
require_scope_narrowing: true
# Audit settings
audit:
log_all_tool_calls: true
log_delegations: true
include_tool_args: false # Set true only in dev (may contain PII)