Governed capability audit

Review AI-agent access before rollout.

For security and platform teams reviewing AI-agent access before production: Skillfile maps tool grants from config, flags risky operations, and records approved behavior as signed .skill files.

Policy Stamp: org/default-agent-policy@4 d9f2a1b8
12 risky grants found in a sample audit
Config-only scan: no secrets required
Human approval: risky ops stay gated
Signed .skill files: reviewable capability boundaries
Audit trail: scan → approve → sync → verify

The governed capability loop

Scan agent configs, expose unmanaged access, draft a signed .skill manifest, review risky operations, then sync and audit the result.

Scan: Read repos, MCP configs, and agent rules without touching secrets
Expose: Show unmanaged tool, data, network, and deploy access
Approve: Turn allowed behavior into a signed .skill manifest
Sync: Prepare approved capabilities for target agent surfaces
Audit: Keep the evidence trail for IT, security, and operators

What an audit shows

A concrete readout of current agent access: what is allowed, what needs human approval, and what should stay blocked.

ORG-LEDGER-0001
production-incident-investigator v2.4.1
Capabilities reviewed and stamped ED25519: d9f2a1b8c3e4

Production Incident Investigation

Diagnose production incidents with read-only access to logs, metrics, and dashboards. Sensitive operations require human approval.

Allowed: Read logs, metrics, dashboards, PRs, incident runbooks
Gated: Restart services, run database queries, change config
Blocked: Secret exfiltration, network egress to unknown hosts, customer PII access
4 allowed, 3 gated, 2 blocked

Risk breakdown

Filesystem read: ✓ Allowed
Network egress: ⚠ Gated (human approval)
Secret access: ✕ Blocked
Deploy access: ⚠ Gated (SRE review)
Database read: ⚠ Gated (DBA review)
Review complete: 3 require human approval

Timestamp   Action                Agent        Decision
2026-06-01  Read production logs  Claude Code  Approved
2026-05-31  Query metrics API     Codex        Approved
2026-05-30  Restart service       Claude Code  Gated

Proof for the people who have to trust it

Security, platform, and leadership get the same evidence trail: who approved access, what changed, where it synced, and what stayed blocked.

12 Unmanaged capabilities
3 Risky grants blocked
4 Sync targets prepared
1 Audit packet ready

Start with one capability audit

Bring one repo or agent profile. We map tool access, flag risky grants, and return a reviewable .skill path forward; no secrets required.

We'll reply with audit scope and next steps.