Context Graph vs Agent Skills
Capability Packaging Is Not Decision Authority
Agent skills are becoming the portable capability layer for AI agents. A skill can package instructions, scripts, references, assets, routing metadata, evaluation fixtures, and operational procedures so an agent can perform a repeatable task.
Verified skills improve that layer with provenance, scanning, signing, skill cards, and reviewable capability metadata. That is necessary for capability governance.
It is not decision authority. An agent skill tells the agent how to perform a capability. A context graph decides whether this use of that capability is applicable, scoped, current, policy-compliant, and traceable before execution.
The Core Distinction
Agent skills operate at the capability boundary. They make procedures available to an agent and describe when that procedure should be loaded. They can carry executable support files, policy notes, examples, tests, and documentation.
Decision context graphs operate at the action boundary. They evaluate the proposed use of a capability against applicability logic, scope isolation, temporal validity, policy-as-code, provenance, exception rules, and causal decision trace requirements.
The skill asks: can the agent perform this capability? The context graph asks: should this capability be allowed here, now, for this entity, under these rules?
Side-by-Side Comparison
| Dimension | Agent Skills | Context Graph |
|---|---|---|
| Core question | What capability can this agent load, and what instructions, scripts, or references define it? | Is this proposed use of the capability valid now, in this scope, under these rules? |
| Control point | Capability packaging, routing metadata, reusable workflow, and optional execution assets | Per-action decision boundary before execution |
| Primary artifact | SKILL.md, skill card, scripts, references, assets, scan report, signature, eval result | Applicability result, allow or block decision, causal decision trace |
| Governance role | Makes capabilities discoverable, repeatable, portable, reviewable, and easier to evaluate | Determines whether the capability is authorized for this entity, workflow, policy, and time |
| Failure caught | Ambiguous trigger, hidden instruction, risky script, stale reference, unsigned bundle | Invalid refund, wrong account scope, expired policy, unauthorized data use, missing provenance |
What Agent Skills Do Well
| Skill control | Good at | Does not prove |
|---|---|---|
| Manifest metadata | Name, description, trigger conditions, and routing signals | Whether the triggered action is legitimate for this business case |
| Reusable procedure | Step-by-step task knowledge, conventions, and domain instructions | Which policy, exception, or jurisdiction governs the current action |
| Scripts and assets | Repeatable commands, templates, references, and support files | Whether those commands may run against this account, tenant, or record |
| Scanning | Prompt injection, unsafe code, excessive agency, dependency risk, and MCP least-privilege issues | Whether a clean skill should be allowed in this workflow right now |
| Signing and skill cards | Provenance, owner, integrity, intended use, dependencies, and declared limits | Runtime applicability, temporal validity, source authority, and causal traceability |
Verified Skills Still Need a Decision Boundary
A verified skill can prove where the capability came from, who owns it, whether it was scanned, and whether the installed artifact matches the reviewed artifact. That is provenance for the capability.
It does not prove that the current action is authorized. A signed refund skill can still issue the wrong refund. A clean deployment skill can still deploy to the wrong environment. A well-tested data-analysis skill can still query data outside the task scope.
The missing artifact is the per-action receipt: which facts were consulted, which policies applied, which exceptions mattered, which scope was enforced, and why the action was allowed or blocked.
Production Scenarios
Customer support refund
Agent skill: A support skill can package the refund procedure, response template, API helper script, and escalation checklist.
Context graph: The decision context graph validates entitlement, purchase state, refund window, fraud flags, active policy version, customer segment, and exception hierarchy before the refund runs.
Infrastructure deployment
Agent skill: A deployment skill can teach a coding agent how to build, test, deploy, verify, and roll back a service consistently.
Context graph: The context graph checks change window, incident state, service ownership, environment scope, approval chain, regional policy, and release freeze state before the deployment proceeds.
Physical AI workflow
Agent skill: A robotics or vision skill can package setup steps, simulation commands, data generation flows, and evaluation routines.
Context graph: The context graph determines whether the dataset, geography, safety constraints, model version, lab environment, and operator authority make the proposed run valid now.
Where This Fits in the Agent Stack
Agent skills package capability. MCP connects the agent to tools and data. Agent gateways control reach. Agent sandboxes contain execution. Observability records what happened.
A decision context graph supplies the missing pre-execution decision boundary. It decides whether the proposed skill use is valid before it reaches a tool, account, record, payment rail, cloud account, robotics workflow, or regulated process.
The strongest architecture is skill plus context graph: reusable capability above, governed action at the decision boundary.