Governed agent skills checklist
Governed skills turn a broad autonomous agent into a controlled workflow. Define what the agent may do, when it must ask, and what evidence it must leave behind.
Governance checks
Allowed skills
Name the tools, commands, APIs, and connectors an agent can use.
Approved skill list with owner and purpose.
Blocked actions
List actions that require a human or should never run.
Deny list for payments, deletes, exports, and external sends.
Rules
Bind each skill to context, input shape, limits, and expected output.
Rule card with examples and failure states.
Approvals
Decide when a reviewer must approve the next step.
Approval node before spend, data sharing, or irreversible actions.
Audit
Capture enough evidence to review the workflow later.
Run log with skill name, inputs, outputs, status, and cost.
Where this fits in AiOrchestration
Put governance into the workflow graph: route low-risk tasks automatically, add approvals before sensitive actions, and keep logs tied to the node that used each skill.
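The five checks above, combined into one gate that a workflow node calls before using a skill. This is an added example, not AiOrchestration code; the skill names, owners, limits, status strings, and the Gate and Skill classes are all hypothetical.

```python
from dataclasses import dataclass, field

@dataclass
class Skill:
    name: str
    owner: str
    purpose: str
    required_inputs: frozenset      # rule: expected input shape
    max_cost: float                 # rule: per-call cost limit
    needs_approval: bool = False    # approval node before this skill runs

# Constructed sample policy; every name and limit here is hypothetical.
ALLOWED = {
    "search_docs": Skill("search_docs", "kb-team", "read-only lookup",
                         frozenset({"query"}), 0.05),
    "send_email": Skill("send_email", "ops", "external send",
                        frozenset({"to", "body"}), 0.01, needs_approval=True),
}
DENIED = {"delete_records", "make_payment", "export_data"}

@dataclass
class Gate:
    log: list = field(default_factory=list)

    def run(self, node_id, skill_name, inputs, est_cost, handler, approver=None):
        """Decide, execute only if permitted, and always write one audit record."""
        status, output = self._decide(skill_name, inputs, est_cost, approver), None
        ran = status == "allowed"
        if ran:
            try:
                output, status = handler(**inputs), "ok"
            except Exception as exc:    # failure states are recorded, not hidden
                output, status = repr(exc), "error"
        self.log.append({"node": node_id, "skill": skill_name, "inputs": dict(inputs),
                         "output": output, "status": status,
                         "cost": est_cost if ran else 0.0})
        return status, output

    def _decide(self, skill_name, inputs, est_cost, approver):
        if skill_name in DENIED:
            return "blocked:denied"
        skill = ALLOWED.get(skill_name)
        if skill is None:
            return "blocked:not_allowed"    # default deny: unlisted skills never run
        if set(inputs) != skill.required_inputs:
            return "blocked:input_shape"
        if est_cost > skill.max_cost:
            return "blocked:over_limit"
        if skill.needs_approval and not (approver and approver(skill, inputs)):
            return "blocked:needs_approval"
        return "allowed"
```

Blocked attempts are logged with the node that made them, so a reviewer sees what the agent tried as well as what it did.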