guardrails

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses a dedicated bash utility (scripts/tfy-api.sh) for authenticated requests to the TrueFoundry API. The script assembles its curl command lines from bash arrays rather than string concatenation, and it performs basic validation of the request path to block directory traversal.
  • [SAFE]: All external dependencies, including the truefoundry Python package and the container images it references (vLLM, TGI, NVIDIA NIM, etc.), are pulled from the official TrueFoundry registry or from established providers such as AWS ECR, GHCR, and NVIDIA.
  • [SAFE]: The skill documentation strongly emphasizes TrueFoundry's secret references (tfy-secret://) for sensitive values such as API keys and database passwords, so credentials do not appear in plaintext in manifests or logs.
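As an added illustration (this is not the audited scripts/tfy-api.sh, whose contents are not reproduced here), the following bash shows the two patterns the first finding credits: a curl argv built in a bash array, and an allowlist check on the request path before it is joined to the base URL. The variable names TFY_BASE_URL and TFY_API_KEY, the function names, the sample paths and the placeholder https://example.invalid are assumptions of the example, not values from the skill.

```bash
#!/usr/bin/env bash
# Added example: array-built curl argv plus request-path validation.
# Not the audited scripts/tfy-api.sh. TFY_BASE_URL, TFY_API_KEY and
# https://example.invalid are assumed names/placeholders.

# tfy_validate_path PATH -> 0 if PATH may be appended to the API base URL.
# Allowlist approach: leading '/', then only [A-Za-z0-9/_.-], and no '..'.
# Because '%' is not allowed, encoded traversal such as %2e%2e is rejected
# too, and '?', '#', spaces and shell metacharacters never reach the URL.
tfy_validate_path() {
  local path="$1"
  local LC_ALL=C            # keep [:alnum:] ASCII-only regardless of caller locale
  case "$path" in
    "")  return 1 ;;        # empty path
    /*)  ;;                 # must be rooted at the API base
    *)   return 1 ;;
  esac
  case "$path" in
    *..*)               return 1 ;;  # parent-directory traversal (also rejects 'a..b'; acceptable)
    *[![:alnum:]/_.-]*) return 1 ;;  # any character outside the allowlist
  esac
  return 0
}

# tfy_build_curl METHOD PATH [JSON_BODY]
# Prints the curl argv one element per line so it can be inspected or tested
# without touching the network. The bearer token is deliberately NOT part of
# the argv: tfy_request feeds it through stdin so it never shows up in `ps`.
# JSON_BODY must be a single line here because the printed argv is newline-delimited.
tfy_build_curl() {
  local method="$1" path="$2" body="${3-}"
  tfy_validate_path "$path" || { printf 'invalid API path: %s\n' "$path" >&2; return 1; }
  local base="${TFY_BASE_URL:-https://example.invalid}"   # placeholder default
  # Array elements keep their word boundaries when expanded as "${cmd[@]}",
  # so spaces or quotes inside $body cannot split into extra arguments.
  local -a cmd=(curl --silent --show-error --fail
                --request "$method"
                --header 'Accept: application/json')
  if [ -n "$body" ]; then
    # --data-raw: unlike --data, a body beginning with '@' is not read as a filename
    cmd+=(--header 'Content-Type: application/json' --data-raw "$body")
  fi
  cmd+=("${base}${path}")
  printf '%s\n' "${cmd[@]}"
}

# tfy_request METHOD PATH [JSON_BODY]: perform the call. The Authorization
# header is written to curl's stdin and consumed with '--header @-', so the
# token is neither on the command line nor in a temporary file.
tfy_request() {
  local argv
  argv="$(tfy_build_curl "$@")" || return 1
  local -a cmd
  mapfile -t cmd <<< "$argv"
  printf 'Authorization: Bearer %s\n' "${TFY_API_KEY:?TFY_API_KEY is not set}" \
    | "${cmd[@]}" --header @-
}

# Dry run: `bash tfy-api-example.sh demo` prints the argv for a valid path and
# shows a traversal attempt being refused. Nothing is sent over the network.
if [ "${1-}" = demo ]; then
  tfy_build_curl GET /api/svc/v1/workspaces
  tfy_build_curl GET '/api/svc/../../admin' || echo 'rejected as expected' >&2
fi
```

Two details worth checking in any wrapper of this kind: the token should not be an argv element, since argv is readable in the process table by other local users, which is why the example passes the header on stdin with --header @-; and --data-raw rather than --data keeps a body that begins with '@' from being interpreted as a file to read.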
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 04:52 AM