CI-level governance validation for agent code #5173

@jagmarques

Description

ADK makes it straightforward to build and deploy agents, but there's a gap around automated governance checks in CI. For teams shipping agent code to production, it would be useful to have a PR-level scan that verifies:

  • Audit trail coverage (logging around agent actions)
  • Kill switch / revocation mechanisms
  • Error handling around agent calls
  • Human oversight gates for high-risk operations

This maps to EU AI Act Article 14/15 and ISO 42001 controls. Currently teams have to manually review for these patterns.

I've been building asqav-compliance, a GitHub Action that scans agent code for these gaps. ADK is one of the frameworks it detects. Would there be interest in recommending governance CI checks in the docs or building something native?

Labels: core ([Component] This issue is related to the core interface and implementation)