status
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell scripts (
tfy-api.shandtfy-version.sh) that use system commands likecurlfor API requests andpipfor package version checks. These are intended for platform status verification and environment inspection. - [EXTERNAL_DOWNLOADS]: The skill makes network requests via
curlto the TrueFoundry platform endpoints defined by the user in environment variables. These requests are used to check credentials and list workspaces as part of a preflight check. - [SAFE]: No malicious patterns, such as prompt injection, obfuscation, or unauthorized data exfiltration, were found. The skill includes security-conscious checks, such as verifying that API paths do not contain traversal sequences and avoiding the use of
sourceon.envfiles.
Audit Metadata