truefoundry-notebooks

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages deployments by executing the tfy CLI and using a shell-based API wrapper (tfy-api.sh). These operations are limited to the stated purpose of platform interaction.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of the truefoundry package using pinned versions from PyPI and pulls container images from the vendor's official Amazon ECR registry.
  • [SAFE]: The tfy-api.sh helper script implements validation to prevent path traversal attacks by checking for .. patterns in API paths.
  • [SAFE]: Documentation includes clear guidelines to mitigate indirect prompt injection risks by instructing the agent not to fetch or parse content from external release pages.
  • [SAFE]: The skill handles authentication securely using environment variables and TrueFoundry's secret management system (tfy-secret://), avoiding hardcoded credentials in manifests.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 10:18 PM