Plugins · 8 ADK BasePlugin implementations
Eight controls that ride along with ADK's own extension SPI.
Every plugin extends com.google.adk.plugins.BasePlugin.
Plugins are composable; the same agent can run all eight at once.
Regulus pins the priority order so policy decisions land before
audit emissions.
-
Policy plugin
RegulusPolicyPluginPre-tool-call policy evaluation. Decisions are fail-closed and emit a structured audit event with the matched policy clause.
BeforeAgentCallbackBeforeToolCallback -
Privacy plugin
RegulusPrivacyPluginPII redaction on inbound prompts and outbound responses; re-redaction on memory writes; configurable patterns per jurisdiction.
BeforeModelCallbackAfterModelCallback -
Audit plugin
RegulusAuditPluginAppend-only audit event emission with optional SHA-256 hash chaining; 24-month retention by default; offline verification via the CLI.
AfterAgentCallbackAfterToolCallbackAfterModelCallback -
Kill switch plugin
RegulusKillSwitchPluginIdentity-backed dual-control kill switch. Two authorised principals collapse the agent's tool surface; events feed the audit chain.
BeforeAgentCallbackBeforeToolCallback -
Model risk plugin
RegulusModelRiskPluginTier-aware gating that enforces SS1/23 + ISO 42001 model-classification rules; ties model invocations to validation evidence.
BeforeModelCallback -
Data residency plugin
RegulusDataResidencyPluginFail-closed residency enforcement on memory writes and artifact stores; checks the resolved region against the active profile's allowed set.
BeforeAgentCallbackAfterModelCallback -
Governance evidence plugin
RegulusGovernanceEvidencePluginRoutes signed evidence envelopes to ServiceNow IRM, OneTrust, MetricStream, or a generic HMAC webhook with framework citations attached.
AfterAgentCallback -
Identity expiry guard
RegulusIdentityExpiryGuardShort-lived-token enforcement. Rejects tool calls whose Principal's credentials have expired; logs the rejection with structured cause.
BeforeToolCallback