Enterprise Pattern — Skills
Pattern: Enterprise
Component: skills.md
Version: 1.1 | Updated: 2026-07-16
| Skill | Domain path | Why required |
|---|---|---|
| Responsible AI / risk | 09-enterprise-ai/governance/ |
Tiering and oversight obligations |
| Least privilege | 09-enterprise-ai/security/least-privilege.md |
Tool and data scope minimization |
| OAuth for MCP | 09-enterprise-ai/security/oauth-for-mcp.md |
Safe tool credentials |
| Prompt-injection defense | 09-enterprise-ai/security/prompt-injection-defense.md |
Untrusted content boundaries |
| Audit logging | 09-enterprise-ai/governance/audit-logging.md |
Evidence and forensics |
| Sandboxing | 09-enterprise-ai/security/sandboxing.md |
Contain tool side effects |
Skill activation triggers
- Risk — every new use case and every material change
- Least privilege / MCP OAuth — any tool with side effects
- Injection defense — any untrusted user or retrieved content in context
- Audit logging — before pilot enablement
- Sandboxing — code execution or high-impact tools
Verification that skills worked
- Risk: tier matches rubric criteria written in the package
- Privilege: tool allowlist is deny-by-default
- Logging: redaction rules exist for sensitive fields
- Kill switch: drill log shows disable without engineering heroics
Version: AIES v1.0.0✏️ Edit this page on GitHub