workflows
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is limited to managing resources on the TrueFoundry platform using official vendor tools and documented API endpoints.
- [COMMAND_EXECUTION]: The skill executes standard commands such as
tfy,pip, andpythonto manage workflow deployments and environment configurations. These are expected behaviors for a DevOps-oriented AI skill. - [EXTERNAL_DOWNLOADS]: The skill installs the
truefoundrySDK and interacts with the vendor's API infrastructure (e.g.,truefoundry.cloud). These resources are provided by the verified author of the skill. - [CREDENTIALS_UNSAFE]: The skill correctly handles the
TFY_API_KEYby loading it from environment variables or.envfiles rather than using hardcoded values. It also provides guidance on using TrueFoundry's internal secret management for application-level credentials.
Audit Metadata