SkillProvenance Scan

Review guide

AI Skill Permission Diff Before Upgrades

Compare AI skill versions for newly added tools, network access, file writes, external services, credential prompts, and rollback risk.

Open scan preview

What this search usually needs

An AI skill permission diff compares one skill version against another and highlights the capabilities that were added, widened, or removed. This is most useful before an upgrade, when a team wants to know whether a routine release quietly added network access, broader file writes, or a new external service.

Where it applies

  • A team approved v1.4 of a skill but needs to review v1.5 before rollout.
  • A marketplace maintainer wants to flag risky permission expansions automatically.
  • An IT reviewer needs a short explanation for why an upgrade is allowed, delayed, or rejected.

How to run the review

  1. Select the trusted baseline version and the proposed upgrade version.
  2. Normalize SKILL.md, referenced files, install steps, and tool declarations.
  3. Compare added tools, removed tools, network endpoints, file paths, shell commands, and credential references.
  4. Rank changes by operational risk and reviewer burden.
  5. Generate an upgrade advisory with rollback notes and allowlist impact.

Common risks to catch

  • A minor version can add a broad tool even when the changelog sounds harmless.
  • New write paths may conflict with company data handling rules.
  • External services can create data residency, privacy, or vendor-review work.

Use SkillProvenance Scan for this review

SkillProvenance Scan shows the diff as a reviewer-friendly table with risk badges, upgrade advice, and a checkout path for exportable reports.

Open scan preview View pricing plans