hummbl-dev/hummbl-governance
hummbl-governance
Governance primitives for AI agent orchestration. Zero third-party dependencies — stdlib-only. Kill switch, circuit breaker, cost governor, delegation tokens, audit logging, and compliance mapping.
Doctrine terms
This report references these HUMMBL doctrine terms:
A
99.5
Overall Quality Score
Audited: 2026-04-14
Version: Historical v0.4.0
Python 3.11+
Category Breakdown
100
Lint
A
100
Security
A
99
Complexity
A
100
Dead Code
A
99
Duplication
A
Key Modules
| Module | Purpose | Status |
|---|---|---|
kill_switch.py |
Emergency halt with 4 graduated modes | Pass |
circuit_breaker.py |
CLOSED/OPEN/HALF_OPEN state machine | Pass |
cost_governor.py |
Budget tracking with ALLOW/WARN/DENY | Pass |
delegation_token.py |
HMAC-SHA256 signed capability tokens | Pass |
audit_log.py |
Append-only JSONL with rotation | Pass |
agent_registry.py |
Agent identity and trust tiers | Pass |
schema_validator.py |
JSON Schema Draft 2020-12 (stdlib) | Pass |
bus_writer.py |
TSV coordination bus with flock locking | Pass |
compliance_mapper.py |
SOC2, GDPR, OWASP control mapping | Pass |
health_collector.py |
Composable health probes with latency | Pass |
errors.py |
Unified FM taxonomy — 30 FailureMode codes, 14 HummblError codes | Pass |
Findings
Info
Zero runtime dependencies verified
Zero runtime dependencies verified — all 18 modules use only Python stdlib. No pip install required beyond the package itself.
Low
Minor caching opportunity in compliance_mapper.py
Minor: compliance_mapper.py could benefit from
caching framework-to-control lookups for repeated queries.
Want an audit like this for your codebase? Free for open-source repos.
Request Free Audit