Stats
Actions
Tags
From truefoundry
Verifies TrueFoundry credentials and connectivity, discovers workspaces and clusters, manages roles/teams/secret groups, and creates personal access tokens.
How this skill is triggered — by the user, by Claude, or both
Slash command
/truefoundry:platformThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
> Routing note: For ambiguous user intents, use the shared clarification templates in [references/intent-clarification.md](references/intent-clarification.md).
references/access-control.mdreferences/api-endpoints.mdreferences/cli-fallback.mdreferences/cli-reference.mdreferences/cluster-discovery.mdreferences/gpu-reference.mdreferences/intent-clarification.mdreferences/prerequisites.mdreferences/secrets-and-tokens.mdreferences/tfy-api-setup.mdscripts/tfy-api.shscripts/tfy-version.shRouting note: For ambiguous user intents, use the shared clarification templates in references/intent-clarification.md.
Platform setup and access management: verify credentials, discover workspaces and clusters, manage roles/teams/collaborators, handle secret groups, and create personal access tokens.
tfy-secret://)gateway skillmcp-servers skillobservability skillonboard skill| Variable | Description | Example |
|---|---|---|
TFY_BASE_URL | Platform URL | https://your-org.truefoundry.cloud |
TFY_HOST | CLI host (set when TFY_API_KEY is set) | https://your-org.truefoundry.cloud |
TFY_API_KEY | API key for REST calls | tfy-... |
Verify credentials and connectivity:
echo "TFY_BASE_URL: ${TFY_BASE_URL:-(not set)}"
echo "TFY_API_KEY: ${TFY_API_KEY:+(set)}${TFY_API_KEY:-(not set)}"
# Test connection
TFY_API_SH=~/.claude/skills/truefoundry-platform/scripts/tfy-api.sh
$TFY_API_SH GET '/api/svc/v1/workspaces?limit=1'
Present result as status summary. If login missing, use truefoundry-onboard.
Never auto-pick a workspace. Always confirm with the user.
# Step 1: List clusters
$TFY_API_SH GET /api/svc/v1/clusters
# Step 2: List workspaces filtered by selected cluster
$TFY_API_SH GET '/api/svc/v1/workspaces?clusterId=SELECTED_CLUSTER_ID'
Present both as tables. Key field: fqn (needed for TFY_WORKSPACE_FQN).
If only one cluster exists, skip cluster selection and go to workspaces directly.
$TFY_API_SH GET /api/svc/v1/clusters/CLUSTER_ID/get-addons
For full GPU type table and cluster base domain lookups, see references/gpu-reference.md and references/cluster-discovery.md.
Manage roles, teams, and collaborators. For full API calls, tool call syntax, presentation templates, common workflows, and subject format reference, see references/access-control.md.
| Action | API Call |
|---|---|
| List roles | $TFY_API_SH GET /api/svc/v1/roles |
| List teams | $TFY_API_SH GET /api/svc/v1/teams |
| List collaborators | $TFY_API_SH GET '/api/svc/v1/collaborators?resourceType=TYPE&resourceId=ID' |
| Create role | $TFY_API_SH POST /api/svc/v1/roles '{...}' |
| Create team | $TFY_API_SH POST /api/svc/v1/teams '{...}' |
| Add collaborator | $TFY_API_SH POST /api/svc/v1/collaborators '{...}' |
Subject format: user:email, team:slug, serviceaccount:name, virtualaccount:name.
Security: Confirm subject, role, and resource with the user before granting access.
Destructive operations (delete roles, teams, collaborators): direct to dashboard.
Manage secret groups and tfy-secret:// references. Never ask user to paste secret values in chat.
| Action | API Call |
|---|---|
| List secret groups | $TFY_API_SH GET /api/svc/v1/secret-groups |
| Create secret group | $TFY_API_SH POST /api/svc/v1/secret-groups '{...}' |
| Update secrets | $TFY_API_SH PUT '/api/svc/v1/secret-groups/ID' '{"secrets":[...]}' |
Reference format: tfy-secret://<tenant>:<group>:<key>
Warning: Update operations delete omitted keys. Always include all keys.
For full create/update flows, API patterns, and security policies, see references/secrets-and-tokens.md.
List and create PATs. Token values are shown only once at creation.
| Action | API Call |
|---|---|
| List PATs | $TFY_API_SH GET /api/svc/v1/personal-access-tokens |
| Create PAT | $TFY_API_SH POST /api/svc/v1/personal-access-tokens '{"name":"..."}' |
Security: Never repeat, store, or log token values. Show masked preview by default; full value only on explicit confirmation.
For full token display policy and security rules, see references/secrets-and-tokens.md.
Deletion: direct to dashboard.
<success_criteria>
</success_criteria>
API key invalid or expired. Generate new one: Dashboard -> Access -> API Keys.
Check: URL correct (include https://), network/VPN connected, no trailing slash.
If tfy CLI says "TFY_HOST env must be set": export TFY_HOST="${TFY_HOST:-${TFY_BASE_URL%/}}"
Selected cluster may have no workspaces, or API key lacks access. Try different cluster.
Admin access may be required for access control and token operations.
Use pattern type:identifier — e.g., user:alice@company.com, team:platform-team.
Token values only shown at creation. Create a new token, update affected services, revoke old one in dashboard.
npx claudepluginhub truefoundry/skills --plugin truefoundryLists, creates, and manages MCP server registry entries in the TrueFoundry AI Gateway — remote, virtual, hosted STDIO, and OpenAPI-backed servers with tool selection, auth, and client attachment support.
References Auth0 CLI commands for managing apps, APIs, users, roles, organizations, actions, logs, custom domains, universal login, and Terraform exports. Helps with authentication, RBAC, branding, debugging, and scripting via --json output.
Creates bite-sized, testable implementation plans from specs or requirements, with file structure and task decomposition. Activates before coding multi-step tasks.