SkillProvenance Scan

Review guide

Agent Skill Upgrade Diff and Rollback Advisory

Review an agent skill upgrade diff for newly added permissions, external calls, risky instructions, and rollback actions before rollout.

Open scan preview

What this search usually needs

An agent skill upgrade diff focuses on what changed between the trusted version and the proposed version. The review should show permission expansion, new tools, new endpoints, modified install steps, changed referenced files, and rollback notes so teams can upgrade deliberately.

Where it applies

  • A skill has a new release and an internal owner needs to approve it before company-wide rollout.
  • A platform team wants to detect risky changes before automatic updates.
  • A customer asks whether a new version changes data access.

How to run the review

  1. Choose the current trusted version and the target upgrade version.
  2. Compare SKILL.md, dependency files, scripts, and referenced assets.
  3. Highlight new permissions, external services, file write paths, and instruction-risk patterns.
  4. Generate a severity-ranked advisory with recommended reviewer action.
  5. Store rollback notes and allowlist status for future audits.

Common risks to catch

  • Automatic updates can bypass the permission review that approved the original install.
  • A changelog may omit a new dependency or referenced script behavior.
  • Teams may not know which version to return to when a skill fails review.

Use SkillProvenance Scan for this review

SkillProvenance Scan makes upgrade review visible with side-by-side permission diff, risk badges, and rollback guidance designed for repeatable IT decisions.

Open scan preview View pricing plans