notebooks

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists of instructional manifests and helper scripts designed to facilitate the deployment of development environments on TrueFoundry. No indicators of prompt injection, malicious persistence, or unauthorized privilege escalation were identified.
  • [EXTERNAL_DOWNLOADS]: The skill references container images hosted on trusted, well-known registries including AWS ECR (public.ecr.aws/truefoundrycloud/jupyter) and HuggingFace's GitHub Container Registry. These are official distributions for the TrueFoundry vendor and established ML communities.
  • [COMMAND_EXECUTION]: The skill uses the official truefoundry Python package and the tfy CLI. It includes a helper script, tfy-api.sh, that serves as an authenticated wrapper around curl. This script implements security best practices, such as a manual .env parser that avoids shell evaluation of the file's contents and a check for path traversal in API endpoint paths.
  • [DATA_EXFILTRATION]: Sensitive information like the TFY_API_KEY is handled according to standard local development practices (environment variables or .env files). Network activity is restricted to the platform URL provided by the user and the official container image registries.
Audit Metadata
Analyzed: Mar 11, 2026, 03:26 AM