truefoundry-agents

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the tfy CLI tool and local bash scripts (tfy-api.sh, tfy-version.sh) to perform resource management tasks such as applying manifests and checking system compatibility.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the truefoundry Python package from the official package registry to enable CLI capabilities required for agent management.
  • [DATA_EXFILTRATION]: The skill accesses authentication tokens from ~/.truefoundry/credentials.json and API keys from environment variables to authenticate requests sent to the user-specified TrueFoundry tenant URL.
  • [PROMPT_INJECTION]: The skill includes instructions to guide the user through the TrueFoundry UI and specifically warns against attempting to perform agent authoring through unauthorized API paths, adhering to platform-specific safety guidelines.
Audit Metadata
Risk Level: SAFE
Analyzed: May 19, 2026, 09:28 PM