This article addresses the legal and compliance risks associated with deploying artificial intelligence tools for employee performance management. The author argues that while AI-driven skills analysis and promotion modeling offer genuine workplace benefits — such as surfacing non-traditional talent and improving internal mobility — these systems introduce significant legal exposure under employment and anti-discrimination law. Key evidence is drawn from hypothetical workplace scenarios (e.g., customer service representatives identified for HR roles) and a structured analysis of risk categories, including biased training data, opaque skill inference, unequal distribution of development opportunities, amplification of performance review bias, and lack of explainability in proprietary models. The article identifies transparency deficits and continuous monitoring failures as compounding regulatory and litigation risks. The article concludes that employers engaging in self-regulation should treat promotion access and development opportunities as areas of heightened legal scrutiny, and that meaningful governance — including bias testing, standardized inputs, human oversight, and ongoing monitoring — is necessary to capture AI's value while managing its risks.

Key insights: AI promotion models trained on historical data risk replicating past inequities, including biased performance evaluations and underrepresentation of certain groups in senior roles. Even when protected characteristics are not explicitly used, AI systems can encode proxies — such as job titles, career gaps, and project assignments — that correlate with sex, race, age, disability, or socioeconomic background. Lack of explainability in proprietary AI talent platforms independently increases regulatory and litigation exposure, separate from any actual disparate impact.

Practical takeaways: Employers deploying AI for performance management are observed to face heightened legal risk when AI-generated recommendations function as de facto gatekeepers to advancement opportunities, training, and pay progression. Governance structures that include pre-deployment bias testing, standardized evaluation inputs, human override authority, and post-deployment monitoring are identified as risk-mitigation measures in the absence of universal regulatory requirements.