longbridge-business-query
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill is prompt-only and does not include any scripts or executable files. The instructions are focused on guiding the agent through the use of vendor-specific commands to retrieve data.
- [COMMAND_EXECUTION]: The instructions involve the use of the
longbridgecommand-line tool to fetch financial metrics such as ROE and revenue breakdown. This usage is consistent with the skill's stated purpose and is restricted to the vendor's own tooling. - [DATA_EXFILTRATION]: No patterns were detected that would indicate the exposure or exfiltration of sensitive user data. The tool retrieves publicly available financial information for the user's view.
- [PROMPT_INJECTION]: The skill processes data from external financial reports and filings. While this constitutes a surface for indirect prompt injection, the skill is prompt-only and lacks capabilities for file writing, network operations to untrusted domains, or complex logic that would facilitate an attack.
Audit Metadata