Encrypt Google ADK Sessions in 5 Minutes

Google ADK stores everything your agent knows — tool calls, user messages, conversation context — in plaintext SQLite. If that makes you uncomfortable, this post fixes it. This is the recipe card. Ingredients, steps, done. Prerequisites Python 3.12+ An existing ADK agent using DatabaseSessionService (or a willingness to create a minimal one) No system libraries, no C compilation, no Docker. The library is pure Python with two runtime dependencies: google-adk and cryptography . A short ingredient list. Step 1: Install pip install adk-secure-sessions Or with uv : uv add adk-secure-sessions Verify the install: python -c "import adk_secure_sessions; print('OK')" Step 2: Swap the Import Your agent code probably has something like this: # Before — ADK default (unencrypted): from google.adk.sessions import DatabaseSessionService session_service = DatabaseSessionService ( db_url = " sqlite+aiosqlite:///sessions.db " ) Replace it with: # After — encrypted: from adk_secure_sessions import Encryp