longbridge-business-query

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill is prompt-only and does not include any scripts or executable files. The instructions are focused on guiding the agent through the use of vendor-specific commands to retrieve data.
  • [COMMAND_EXECUTION]: The instructions involve the use of the longbridge command-line tool to fetch financial metrics such as ROE and revenue breakdown. This usage is consistent with the skill's stated purpose and is restricted to the vendor's own tooling.
  • [DATA_EXFILTRATION]: No patterns were detected that would indicate the exposure or exfiltration of sensitive user data. The tool retrieves publicly available financial information for the user's view.
  • [PROMPT_INJECTION]: The skill processes data from external financial reports and filings. While this constitutes a surface for indirect prompt injection, the skill is prompt-only and lacks capabilities for file writing, network operations to untrusted domains, or complex logic that would facilitate an attack.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 03:00 PM
Security Audit — agent-trust-hub — longbridge-business-query