truefoundry-workflows

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the tfy CLI and python commands to manage deployments and perform environment verification tasks.
  • [EXTERNAL_DOWNLOADS]: The skill manages the installation of the truefoundry Python package and references container images from trusted or well-known registries, including AWS ECR, GitHub Container Registry, and NVIDIA NGC.
  • [SAFE]: The skill enforces security best practices by requiring explicit user confirmation before selecting target workspaces and providing guidance on pinning container image tags and package versions to mitigate supply chain risks.
  • [SAFE]: The provided API helper script (tfy-api.sh) is designed to handle authenticated requests to the platform securely. It includes validation logic to restrict allowed HTTP methods and prevent path traversal vulnerabilities in API requests.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials were detected. The skill correctly instructs users to manage sensitive information like TFY_API_KEY through environment variables or .env files and supports secure secret references (tfy-secret://) within deployment manifests.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 10:18 PM