Skills
skills/truefoundry/tfy-deploy-skills/truefoundry-status/Gen Agent Trust Hub

truefoundry-status

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses scripts/tfy-api.sh and scripts/tfy-version.sh to perform authenticated API calls and environment checks. These scripts execute standard tools like curl, pip, and the tfy CLI as part of their intended functionality.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of the official truefoundry Python package from PyPI if the CLI is missing. It also references pinned container images from the vendor's official repositories on AWS ECR (public.ecr.aws/truefoundrycloud/*) and JFrog (tfy.jfrog.io/tfy-images/*).
  • [CREDENTIALS_UNSAFE]: While the skill manages sensitive credentials (TFY_API_KEY), it adheres to best practices: it provides explicit instructions to avoid printing tokens in logs, uses a custom safe parser for .env files to avoid the risks associated with shell sourcing, and leverages platform-native secret references (tfy-secret://) in deployment templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 10:18 PM
Security Audit — agent-trust-hub — truefoundry-status