Microsoft confirmed general availability of custom AI Skills in SharePoint Online in late May 2026. The feature lets users build no-code agent workflows directly inside a SharePoint site, scoped to that site's content. It ships enabled by default and is rolling out to all commercial Microsoft 365 tenants without requiring an admin opt-in. SharePoint administrators need to understand what this means for their governance posture before users start publishing skills at scale.
What Are SharePoint AI Skills?
SharePoint AI Skills are lightweight, no-code agent configurations attached to a SharePoint site. A site owner or contributor uses the SharePoint interface to define a skill: a named capability that describes a task the agent should perform, the SharePoint content it should work with, and the output format it should produce. Users who visit the site can then invoke the skill without needing to understand the underlying model or write any code.
Examples of what skills can do: summarise the latest documents in a library, answer questions about a site's content, generate a first draft from a document template, or extract structured data from files in a folder. The specific capabilities depend on the Microsoft 365 AI entitlements available to the tenant.
How skills are stored
SharePoint saves skill definitions to a system-created library called Agent Assets inside the SharePoint site where they were created. This library is subject to the same SharePoint permission model as any other document library. Anyone with Contribute or higher access to the site can, by default, create or edit skills for that site, because Contribute permission extends to the Agent Assets library unless you explicitly restrict it.
What happens when a user invokes a skill
The skill runs under the permissions of the invoking user, not the author who created it. It cannot surface content the invoking user is not already authorised to see. That constraint matters: a poorly governed SharePoint site, where internal documents are broadly accessible to large groups, produces a skill that delivers broadly accessible content to whoever runs it. The agent does not create a new permission boundary; it works within the existing one and makes it faster to reach.
Admin Controls Available at General Availability
At general availability, SharePoint and Microsoft 365 administrators have the following controls:
| Control | Where to configure | Effect |
|---|---|---|
| Restrict skill creation to site owners only | Agent Assets library permissions on each site | Prevents contributors from creating or modifying skills in that site. Site owners retain full control over what skills are published. |
| Disable skills for a specific site | SharePoint site settings | Removes the AI Skills authoring interface from the site. Existing skill definitions in Agent Assets remain stored but cannot be invoked. |
| Tenant-level AI feature management | Microsoft 365 admin centre, Copilot settings | Broader controls for AI features across the tenant. Specific SharePoint Skills toggles were under development at GA; check the Copilot admin centre for the current options. |
| Audit skill creation and invocation | Microsoft Purview compliance portal | SharePoint skill events are logged under SharePoint activity records in the Microsoft Purview audit log. Available to tenants with appropriate compliance licences. |
The Permission Quality Problem This Exposes
The most immediate governance implication is not the skill feature itself but the permission audit it implicitly demands. If any user with Contribute access to a site can now create an agent that presents that site's content conversationally, the quality of your SharePoint permissions becomes a direct input to AI governance.
Sites with broad default membership, stale external sharing links, or inherited permissions from years of ad-hoc access grants are the highest priority for review before skills go live on those sites. The permission problems that have been easy to defer suddenly have a visible consequence: an AI assistant that answers questions about content the person asking should never have been able to reach.
Use ShareMaster's Report Master to export a permission matrix for any site before it receives skills. The export gives you a line-by-line view of who has access and at what level, so you can identify and remove excess permissions before the site's content powers an agent. For a walkthrough of that process, see the SharePoint permissions audit guide.
What Admins Should Do Now
- Identify the sites most likely to receive skills first. Project sites, department hubs, and sites with active content contributors are where skills will appear earliest. Prioritise permission reviews for those sites before the feature reaches them in your tenant's rollout wave.
- Restrict Agent Assets permissions on sensitive sites. For sites holding HR documents, legal files, finance data, or any content classified as internal-only or confidential, change the Agent Assets library to inherit permissions from the site but add an explicit deny for non-owners. This prevents contributors from publishing skills that surface sensitive content without a governance review.
- Audit and remove stale external sharing links on high-risk sites. A skill invoked by an external user can surface content that user is already authorised to see. If a site has open external sharing, skills amplify that exposure. Remove unnecessary external sharing links before skills go live on those sites.
- Brief site owners on the governance responsibility. Site owners are the most likely early adopters. They need to understand that publishing a skill is a governance decision: it determines what content is surfaced, to whom, and in what format.
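
The checklist above can be applied as a triage pass over an exported permission matrix. The following is an added example, not part of the original article and not ShareMaster or Microsoft code; the CSV column names, the `sensitivity` labels and the sample rows are constructed assumptions to be mapped onto whatever your export actually contains.

```python
import csv
import io

# Constructed sample rows. Column names are hypothetical, not a real export schema.
SAMPLE_MATRIX = """site,principal,principal_type,permission_level,sensitivity
/sites/hr,HR Owners,group,Full Control,confidential
/sites/hr,HR Members,group,Contribute,confidential
/sites/hr,Everyone except external users,group,Read,confidential
/sites/projects-alpha,Alpha Owners,group,Full Control,general
/sites/projects-alpha,Alpha Members,group,Edit,general
/sites/projects-alpha,partner@example.org,external,Read,general
/sites/finance,Finance Owners,group,Full Control,confidential
/sites/finance,Finance Visitors,group,Read,confidential
"""

# Built-in levels at Contribute or higher that are held by non-owners.
AUTHORING_LEVELS = {"Contribute", "Edit", "Design"}
# Principals that indicate broad default membership.
BROAD_PRINCIPALS = {"everyone", "everyone except external users"}


def triage(matrix_csv):
    """Return {site: sorted findings} for sites to review before skills go live."""
    findings = {}
    for row in csv.DictReader(io.StringIO(matrix_csv)):
        notes = findings.setdefault(row["site"], set())
        sensitive = row["sensitivity"] == "confidential"
        # Contribute+ reaches the Agent Assets library unless it is restricted.
        if row["permission_level"] in AUTHORING_LEVELS and sensitive:
            notes.add("non-owner can author skills on sensitive site")
        # Broad groups widen what any invoked skill can surface.
        if row["principal"].strip().lower() in BROAD_PRINCIPALS:
            notes.add("broad default membership")
        # External principals can invoke skills over content shared with them.
        if row["principal_type"] == "external":
            notes.add("external access")
    return {site: sorted(n) for site, n in findings.items() if n}


def review_order(matrix_csv):
    """Sites ordered by number of findings, most first, ties broken by name."""
    result = triage(matrix_csv)
    return sorted(result, key=lambda s: (-len(result[s]), s))


if __name__ == "__main__":
    for site in review_order(SAMPLE_MATRIX):
        print(site, triage(SAMPLE_MATRIX)[site])
```

Sites with no findings drop out of the result, so the output is a review queue rather than a full inventory.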
Frequently Asked Questions
Are SharePoint AI Skills enabled by default?
Yes. The rollout enables the feature across all eligible Microsoft 365 tenants without an admin opt-in. SharePoint governs skill creation through Agent Assets library permissions. Admins who want to restrict which users can build or publish skills should tighten those permissions on sensitive sites immediately.
Where are SharePoint AI Skill definitions stored?
Skill definitions are stored in a system-managed library called Agent Assets within the SharePoint site where the skill was created. Because this library inherits the site's permission model by default, anyone with Contribute access can create or modify skills unless you explicitly restrict the Agent Assets library to site owners only.
Can a skill access content the invoking user is not allowed to see?
No. Skills operate under the invoking user's permissions, not the skill author's. Content the user cannot access directly cannot be surfaced through the skill. The concern is not that skills bypass permissions; it is that they make permissive access easier to exercise and harder to notice.