longbridge-company-profile
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
longbridgeCLI to retrieve financial data, shareholder information, and market trends. These commands are restricted to the vendor's own verified tools and are necessary for the skill's primary function. - [INDIRECT_PROMPT_INJECTION]: The skill fetches external news content which represents a potential attack surface for indirect prompt injection. However, this is an inherent risk for tools that summarize external data, and the skill's design involves synthesizing the information, which provides a natural layer of abstraction.
- Ingestion points: Untrusted data enters the agent context through the
longbridge newscommand (SKILL.md). - Boundary markers: Not explicitly defined in the instructions for news processing.
- Capability inventory: The agent can execute multiple
longbridgeCLI subcommands (SKILL.md). - Sanitization: The skill describes synthesizing the content into catalysts bullets but does not specify technical sanitization of the raw text.
Audit Metadata