Agent Skill Provenance & Permission Diff Scanner

Review agent skills before they enter your team environment.

Know exactly what an agent skill can do before your team installs or upgrades it.


Live preview

Skill intake

Medium risk
Provenance: 82 (repo, author, license, release tags)
Permission diff: 4 (new tools and paths to review)
Injection flags: 2 (credential and override language)

Permission diff

Spot capability expansion before the upgrade ships.

Compare the trusted version against the proposed version and see newly added tools, network calls, external services, file write scope, install commands, and rollback notes in one review table.

| Change | Before | After | Risk |
|---|---|---|---|
| Tool access | read files | read + shell | High |
| Network | none | api.vendor.com | Review |
| Write scope | /reports | /workspace | High |
| Rollback | v1.4 | v1.5 | Ready |

Trust workflow

From source review to install decision.

Provenance graph

Map author, repo, fork chain, version, license, and recent change velocity so reviewers can see whether the source is stable enough to approve.

Injection scan

Flag disguised system instructions, credential requests, destructive install steps, and prompt language that tries to override the agent runtime.

Enterprise allowlist

Maintain approved skills, baseline versions, reviewer notes, rollback targets, and upgrade status for IT teams that need repeatable install gates.

Trust report

Export HTML or PDF evidence for customer review, security assessment, marketplace QA, and internal approval workflows.

Reviewer evidence

Clear enough for buyers. Specific enough for IT.

Every report connects the install decision to evidence: source history, permissions, external services, injection findings, upgrade deltas, and recommended next action.

SkillProvenance Scan reviewer console with graph, diff table, and risk badges

Pricing

Team annual is selected by default.

Monthly prices stay easy to compare; annual billing saves 50% and is used for checkout.

Maker

Independent authors

$19.50/mo

Billed annually at $234. Annual saves 50%.

50 scans

  • Skill directory and GitHub URL intake
  • Provenance graph summary
  • Permission and tool inventory
  • Injection red-flag scan

Enterprise

Enterprise IT and platforms

$249.50/mo

Billed annually at $2994. Annual saves 50%.

10,000 scans plus API

  • Everything in Team
  • Queue jobs and API access
  • Repository policy packs
  • Reviewer evidence history
  • Priority support channel