longbridge-anomaly
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues, malicious patterns, or suspicious behaviors were identified. The skill correctly implements vendor-specific functionality for financial data retrieval.
- [COMMAND_EXECUTION]: The skill executes the 'longbridge' CLI tool with user-provided arguments (market, symbol). The instructions explicitly guide the agent to resolve these parameters into standard financial formats before execution, which acts as a validation layer against command injection.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external financial market feeds via the 'longbridge' CLI tool.
- Ingestion points: Tool outputs from the 'anomaly' and 'trade-stats' subcommands.
- Boundary markers: Absent.
- Capability inventory: Limited to read-only subprocess calls to the specific 'longbridge' CLI tool.
- Sanitization: None specified for ingested content. The overall risk is negligible due to the specific, restricted nature of the tool and absence of high-privilege capabilities.
Audit Metadata