access-control
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes dedicated Bash scripts (scripts/tfy-api.sh and scripts/tfy-version.sh) to interact with the TrueFoundry API and perform version detection. These scripts incorporate security measures such as validating that API paths start with a forward slash and do not contain directory traversal patterns (..), as well as implementing a safe non-evaluating parser for environment files.
- [EXTERNAL_DOWNLOADS]: The documentation and manifest files reference official TrueFoundry container images hosted on vendor-controlled registries (AWS ECR and JFrog) and recommend the use of the official 'truefoundry' package from PyPI. These resources originate from the trusted vendor and are standard for the skill's operation.
- [PROMPT_INJECTION]: The skill ingests data from external API responses (such as lists of roles and teams) which could theoretically contain malicious instructions (indirect prompt injection). However, the skill explicitly mandates human-in-the-loop (HITL) confirmation for all write and delete operations, which effectively prevents unauthorized execution of destructive commands.
Audit Metadata