A control plane in the same shape as the rest of GCP.

Why this matters to your seat

You're the team that fields the "is the agent compliant?" question from legal, the "where's the audit trail?" question from internal audit, and the "can we ship this into europe-west3 production?" question from product. You've probably built half the answer already — a custom audit-event wrapper, a kill-switch endpoint, a retention policy on the Vertex session-service.

Regulus is the framework that composes those pieces into one coherent decision plane. The plugin SPI is ADK's own. The service extensions wrap Google-shipped implementations. The audit chain is offline-verifiable. The GRC adapters land signed evidence in ServiceNow IRM or OneTrust without you writing the integration yourself.

What you'll see in the first hour

• Two Maven dependencies + a Spring Boot starter wire all eight plugins into your existing ADK agent.
• The audit envelope — twelve fields per event, hash-chained, framework citations attached.
• The coverage matrix — which Regulus controls deliver which regulation clauses. Generated from the active profile set, not hand-typed.
• The CLI's doctor command verifies your ADK version, classpath, and profile loading in one call.

What we don't claim to be

• A fork of ADK. Regulus is plugins + service extensions; the runtime stays Google's.
• An LLM provider. The model you call is your choice — Gemini, Claude, GPT-4, open-weight.
• A guardrails library. The plugin SPI sees the full agent trajectory, not just the prompt/response boundary.
• A managed service. Regulus runs in your JVM, on your infrastructure, against your audit storage.

Where to go next

• See the diff — code-level side-by-side of vanilla ADK vs ADK + Regulus.
• Plugin SPI deep-dive — every BasePlugin Regulus ships, with the callback hooks each one overrides.
• Gradle plugin install — the path for an existing build.
• Read the plugin SPI long-form article →