NIST AI RMF Alignment
The NIST AI Risk Management Framework (AI 100-1) provides a structured approach to managing AI risks across four core functions. Here is how SecureSkill supports each function for organizations deploying autonomous agent skills.
Govern
Establish policies and procedures for AI risk management. Define roles, responsibilities, and organizational commitment to trustworthy AI.
How SecureSkill Supports This
SecureSkill provides the tooling that makes a governance policy for agent skill adoption enforceable. Organizations can mandate "every skill must be scanned before installation" as a governance policy, and scan reports provide auditable documentation of each risk assessment decision. The authentication system records who scanned what and when, so every scan carries a user identity and timestamp as an accountability trail.
Relevant Subcategories
Processes for decommissioning AI systems are established.
BLOCK verdicts identify skills that should be removed, with specific findings and reasoning for each decommission recommendation.
SecureSkill is a scanning tool, not a governance platform. It supports GOVERN implementation by providing the scanning infrastructure and audit trail, but does not define policies, assign roles, or manage organizational commitment directly.
Map
Identify and categorize AI risks in context. Understand the system's operating environment, intended use, and potential impacts.
How SecureSkill Supports This
SecureSkill's 20+ attack categories provide a taxonomy for mapping agent skill risks. Every scan produces a detailed risk map: the declared purpose field captures what the skill claims to do, the actual behavior field documents what it actually does, and the scope analysis compares the two. The permission map documents exactly what the skill accesses (files, credentials, network, shell). The skill profile categorizes each skill by type and complexity. The components analyzed field documents exactly what was evaluated, so a reader can tell what the scan did and did not cover. Together, these outputs form the risk map for each agent skill.
Relevant Subcategories
Intended purposes, deployment settings, and potential impacts are documented.
The declared purpose field extracts stated intent from the skill manifest. The actual behavior field documents real capabilities. The scope analysis compares the two, surfacing any mismatch between stated and actual purpose.
Risks from third-party entities are assessed.
The supply chain category evaluates third-party dependencies. Credential detection scans third-party code for embedded secrets. Threat intelligence checks URLs and file hashes against active threat feeds. Publisher trust signals provide reputation data on the skill author.
Measure
Quantify and track AI risks using metrics, benchmarks, and assessments.
How SecureSkill Supports This
SecureSkill's two-axis scoring system provides quantified risk measurement. Intent evidence (NONE through DEFINITIVE) measures how clearly malicious the skill's purpose appears. Impact potential (MINIMAL through SEVERE) measures the damage a compromised skill could cause. These combine into a calibrated 1-10 risk score. Each finding carries its own severity rating (CRITICAL/HIGH/MEDIUM/LOW) and confidence level (HIGH/MEDIUM/LOW). Scan history enables tracking risk trends over time as skills are re-scanned after updates.
Relevant Subcategories
Approaches for measurement of AI risks are selected and documented.
Two-axis scoring matrix (intent evidence x impact potential) with calibrated anchors and examples. Standardized severity and confidence ratings on every finding. Risk score from 1-10 with consistent calibration across all scans.
Manage
Prioritize and act on identified risks. Implement controls, monitor effectiveness, and respond to incidents.
How SecureSkill Supports This
SecureSkill's verdict system (SAFE/CAUTION/BLOCK) provides clear, actionable risk management decisions. Findings are sorted by severity descending, then by confidence, surfacing the most critical risks first. Recommendations tell users exactly what to do about identified risks. The pre-installation scanning workflow is itself a risk management control, preventing identified risks from reaching production environments.
Relevant Subcategories
AI risks are prioritized based on impact and likelihood.
Findings are prioritized by severity (CRITICAL first) and confidence. The verdict (SAFE/CAUTION/BLOCK) provides immediate, actionable prioritization. Risk score gives a single numeric indicator for comparison across scans.
SecureSkill provides pre-installation risk management. Continuous monitoring, version-to-version diff analysis, and runtime enforcement are not yet available. Organizations should re-scan skills after updates.
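The following is an added example of how an organization might wire the verdict, risk score and finding ordering described above into a scan-before-install gate in its own pipeline. It is not SecureSkill's code, and the report layout it parses (a JSON object with verdict, risk_score and a findings list carrying severity and confidence) is an assumption based on the fields this page names, as are the policy thresholds; the sample report is constructed.

```python
"""Constructed example of a scan-before-install gate consuming a
SecureSkill-style scan report.  Not SecureSkill's own code: the report
fields, the policy thresholds and the sample report are all assumptions."""
import json

# Ordering used for prioritization: severity descending, then confidence descending.
SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3}
CONFIDENCE_RANK = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}

# Constructed sample report for an imaginary skill (not real scanner output).
SAMPLE_REPORT = json.dumps({
    "skill": "example-skill",
    "verdict": "CAUTION",
    "risk_score": 6,
    "findings": [
        {"id": "F1", "severity": "MEDIUM", "confidence": "HIGH",
         "title": "Reads ~/.aws/credentials"},
        {"id": "F2", "severity": "HIGH", "confidence": "LOW",
         "title": "Outbound POST to undeclared host"},
        {"id": "F3", "severity": "HIGH", "confidence": "HIGH",
         "title": "Spawns shell with user-controlled arguments"},
        {"id": "F4", "severity": "LOW", "confidence": "MEDIUM",
         "title": "Declared purpose narrower than observed behavior"},
    ],
})


def prioritize_findings(findings):
    """Return findings ordered CRITICAL first, then by confidence HIGH first."""
    def key(finding):
        # Unknown labels (e.g. from a newer scanner version) sort last instead
        # of raising, so the gate keeps working on unexpected input.
        return (SEVERITY_RANK.get(finding.get("severity"), len(SEVERITY_RANK)),
                CONFIDENCE_RANK.get(finding.get("confidence"), len(CONFIDENCE_RANK)))
    return sorted(findings, key=key)


def install_decision(report_json, max_risk_score=7, allow_caution=False):
    """Decide whether a skill may be installed.  Returns (allowed, reason).

    Policy: BLOCK is never installable; a risk score above max_risk_score is
    refused; CAUTION needs explicit approval unless allow_caution is set;
    anything unrecognized fails closed.  Thresholds are assumptions.
    """
    report = json.loads(report_json)
    verdict = report.get("verdict")
    score = report.get("risk_score")
    ordered = prioritize_findings(report.get("findings", []))
    top = ordered[0]["title"] if ordered else "no findings"

    if verdict == "BLOCK":
        return False, f"BLOCK verdict; top finding: {top}"
    if not isinstance(score, int) or score > max_risk_score:
        return False, f"risk score {score!r} exceeds policy maximum {max_risk_score}"
    if verdict == "SAFE":
        return True, "SAFE verdict within policy"
    if verdict == "CAUTION":
        if allow_caution:
            return True, f"CAUTION accepted by policy; top finding: {top}"
        return False, f"CAUTION verdict requires approval; top finding: {top}"
    return False, f"unrecognized verdict {verdict!r}"


if __name__ == "__main__":
    allowed, reason = install_decision(SAMPLE_REPORT)
    print("install allowed:", allowed, "-", reason)
    for finding in prioritize_findings(json.loads(SAMPLE_REPORT)["findings"]):
        print(f'{finding["severity"]:8} {finding["confidence"]:6} {finding["title"]}')
```

The gate checks the verdict before the numeric score so a BLOCK is refused even if its score were somehow under the threshold, and it fails closed on a missing or unknown verdict. Because the page notes that scanning is pre-installation only, a pipeline using this gate should run it again whenever the skill is updated.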
SecureSkill aligns with the NIST AI Risk Management Framework across all four core functions: Govern (enabling organizational scan-before-install policies with audit trails), Map (comprehensive risk identification across 20+ attack categories with detailed skill profiling), Measure (calibrated two-axis risk scoring with severity and confidence metrics), and Manage (actionable SAFE/CAUTION/BLOCK verdicts with recommendations). NIST does not certify or audit products. "Aligned" means SecureSkill's capabilities have been mapped to the framework's functions and subcategories.
