feat(python): add Blueprint Governed Agent — governance principles via native A2A primitives #536
Minimal Python agent demonstrating how to enforce AI Design Blueprint governance principles using native A2A protocol primitives.

Three principles mapped directly to A2A mechanics:
- P8 (explicit approval before destructive actions) → TASK_STATE_INPUT_REQUIRED
- P5 (perceptible background work) → TaskStatusUpdateEvent streaming
- P7 (mid-task steering/cancellation) → cancel() handler

These are the exact three principles the OpenClaw inbox incident violated. The example includes a test client that validates all three end-to-end.

See https://aidesignblueprint.com for the full doctrine.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Code Review
This pull request introduces the 'Blueprint Governed Agent' sample, which demonstrates AI Design Blueprint governance principles using the A2A protocol. It includes a server implementation, an executor with approval gates and progress streaming, and a test client. Feedback includes improving the robustness of the confirmation check to prevent accidental execution, correcting directory paths in the documentation to match the project structure, and increasing the logging level for better visibility during development.
| return # Pause — wait for user response. | ||
|
|
||
| # ── Resume: check confirmation (Blueprint P7) ── | ||
| if "confirm" not in user_input.lower(): |
The check "confirm" not in user_input.lower() is potentially unsafe for a governance-focused agent. If a user replies with "do not confirm", the agent will incorrectly proceed because the substring "confirm" is present. It is safer to use a strict equality check to ensure explicit approval as per the instructions provided to the user.
| if "confirm" not in user_input.lower(): | |
| if user_input.lower() != "confirm": |
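Review bot: the replacement condition `user_input.lower() != "confirm"` compares the raw reply, so "confirm" followed by a space or newline is treated as a refusal. That fails closed, which is the right direction for an approval gate, but consider `user_input.strip().lower()` so a well-formed approval is not rejected, and state the exact accepted token in the confirmation prompt.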
| ## Quick start | ||
|
|
||
| ```bash | ||
| cd a2a/ |
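Review bot: `cd a2a/` in the Quick start block is not the directory this sample lives in; the follow-up commit gives the path as samples/python/agents/blueprint_governed_agent/. A reader who copies the block from the repository root lands in the wrong place, so the command should use the full path from the root.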
| ## Files | ||
|
|
||
| ``` | ||
| a2a/ |
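Review bot: the root of the tree under Files is `a2a/`, which is not the sample's directory name. Label the tree with the directory the sample actually occupies so the listing matches what a reader sees after cloning and agrees with the Quick start path.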
| app = Starlette(routes=routes) | ||
|
|
||
| if __name__ == "__main__": | ||
| uvicorn.run(app, host=HOST, port=PORT, log_level="warning") |
Using log_level="warning" might hide useful information for users running this sample for the first time. Setting it to "info" allows them to see incoming requests and server activity, which is helpful for debugging and understanding the A2A flow.
| uvicorn.run(app, host=HOST, port=PORT, log_level="warning") | |
| uvicorn.run(app, host=HOST, port=PORT, log_level="info") |
- agent_executor: strict equality check (== "confirm") instead of substring match to prevent "do not confirm" from accidentally proceeding
- __main__: log_level "info" so users see request activity on first run
- README: fix quick start path (a2a/ → samples/python/agents/blueprint_governed_agent/)
- README: fix files section directory name to match repo structure

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- add __init__.py to resolve INP001 (implicit namespace package)
- add docstring to execute() to resolve D102
- add # noqa: S101 to test assertions (expected pattern for test clients)
- add # noqa: BLE001 to broad connectivity-check exception (intentional)
- fix import sort order and quote style (ruff format)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Replace British 'honour'/'honours' with American 'honor'/'honors' in agent_executor.py, test_client.py, and README.md.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

- MD060: add spaces around table separator pipes (|---|---| → | --- | --- |)
- MD040: add language tag to all fenced code blocks (bash/text)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary
A minimal Python agent demonstrating how to enforce AI Design Blueprint governance principles using native A2A protocol primitives — no custom middleware, no wrapper framework.
What it demonstrates
Three principles mapped directly to A2A mechanics:
- TASK_STATE_INPUT_REQUIRED — agent pauses, surfaces confirmation request, resumes on user response
- TaskStatusUpdateEvent streaming — intermediate working events emitted at each execution step
- cancel() handler + approval-gate flow that honours any non-confirm response

These are the exact three principles the OpenClaw inbox incident violated.
Agent flow
Quick start
Expected output:
Implementation notes
- protobuf==5.29.5 pinned — protobuf 7.x removed FieldDescriptor.label from its upb backend, breaking a2a-sdk's internal proto introspection
- context.current_task status is reset to TASK_STATE_WORKING before re-enqueueing, to clear stale INPUT_REQUIRED state
- taskId required for resume — clients must include both contextId and taskId in the resume message

Resources
🤖 Generated with Claude Code
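
The approval-gate check discussed in the review above, as an added example that is not part of the PR or of a2a-sdk: it runs the substring test and a strict single-token test over constructed replies and reports where they disagree. The names Decision, substring_gate, strict_gate, compare and disagreements, and the strip() step, are assumptions.

```python
from enum import Enum


class Decision(Enum):  # hypothetical name, not from the PR or a2a-sdk
    PROCEED = "proceed"  # run the destructive step
    CANCEL = "cancel"    # any non-confirm reply ends the task


def substring_gate(user_input: str) -> Decision:
    """The check flagged in review: approves any reply containing 'confirm'."""
    if "confirm" not in user_input.lower():
        return Decision.CANCEL
    return Decision.PROCEED


def strict_gate(user_input: str) -> Decision:
    """Approve only when the whole reply is the single token 'confirm'.

    strip() is an assumption beyond the PR's equality check; it tolerates
    the trailing newline or space a chat client may append.
    """
    token = user_input.strip().casefold()
    return Decision.PROCEED if token == "confirm" else Decision.CANCEL


# Constructed sample replies, not taken from the PR's test client.
SAMPLE_REPLIES = [
    "confirm",
    "Confirm\n",
    "do not confirm",
    "unconfirmed, please wait",
    "cancel",
    "",
]


def compare(replies):
    """Return (reply, substring decision, strict decision) for each reply."""
    return [(r, substring_gate(r), strict_gate(r)) for r in replies]


def disagreements(replies):
    """Replies the substring gate approves but the strict gate rejects."""
    return [r for r, weak, strict in compare(replies)
            if weak is Decision.PROCEED and strict is Decision.CANCEL]


if __name__ == "__main__":
    for reply, weak, strict in compare(SAMPLE_REPLIES):
        print(f"{reply!r:28} substring={weak.value:8} strict={strict.value}")
```
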