truefoundry-guardrails

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local bash script (scripts/tfy-api.sh) to interact with the TrueFoundry REST API. The script includes input validation to prevent path traversal and is used exclusively for legitimate platform configuration.
  • [EXTERNAL_DOWNLOADS]: The documentation references the official truefoundry Python package and container images from trusted registries (public.ecr.aws, ghcr.io). These resources are provided by the vendor and are necessary for the skill's functionality.
  • [DATA_EXFILTRATION]: The skill handles TFY_API_KEY and TFY_BASE_URL through environment variables or .env files. These credentials are used only to authenticate requests to the user's TrueFoundry instance.
  • [SAFE]: The skill includes proactive security guidance, such as warning users against fetching untrusted external content and advising the use of secret references (tfy-secret://) instead of hardcoding sensitive values in manifests.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 11:52 PM