Go to ACM CAIS 2026 Workshop AgentSkills homepageWhat Can This Skill Safely Undo? Rollback-Oriented Auditability for Agent Skills
Keywords: Agent Skills, LLM agents, auditability, rollback, recoverability, human-centered security
Abstract: Agent Skills give LLM agents reusable procedural knowledge for installing dependencies, invoking tools, editing files, configuring environments, and automating multi-step tasks. Existing work emphasizes whether skills improve performance, how they are generated, and how malicious skills or supply-chain risks can be detected. Less attention has been paid to what happens after a skill-driven task completes. When a skill modifies local or connected state, users may not know what changed, what persists, what can be safely undone, or whether recovery would overwrite later work. We argue that Agent Skills require rollback-oriented auditability: post-hoc support for understanding skill-induced changes as recovery objects with persistence, recoverability, dependency, conflict, and remediation properties. We sketch a recovery-oriented trace model, a recovery-preview interface, metadata hooks for SKILL.md, and an evaluation plan for testing whether such traces improve user recovery decisions.
Presentation Mode: No, we plan to present remotely/virtually.
Email Sharing: We authorize the sharing of all author emails with Program Chairs.
Data Release: We authorize the release of our submission and author names to the public in the event of acceptance.
Submission Number: 63
Loading