truefoundry-observability

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting application logs from the TrueFoundry platform.
    • Ingestion points: Application logs are fetched via scripts/tfy-api.sh from the /api/svc/v1/logs endpoint.
    • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands within the log data are present in the skill's logic.
    • Capability inventory: The skill possesses the capability to execute shell commands (pip, npm, tfy apply) and modify application source code (e.g., adding Traceloop.init calls to main.py or index.ts).
    • Sanitization: The skill does not implement sanitization or filtering of the ingested log content for malicious instructions before processing.
  • [COMMAND_EXECUTION]: The skill executes shell commands as part of its core functionality.
    • Evidence: It uses a local helper script scripts/tfy-api.sh (an authenticated curl wrapper) for all API interactions and uses pip or npm for installing tracing dependencies.
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs external packages required for application tracing.
    • Evidence: The skill facilitates the installation of traceloop-sdk (Python) and @traceloop/node-server-sdk (Node.js) from public registries to enable OpenTelemetry instrumentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 09:28 PM