longbridge-company-profile

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the longbridge CLI to retrieve financial data, shareholder information, and market trends. These commands are restricted to the vendor's own verified tools and are necessary for the skill's primary function.
  • [INDIRECT_PROMPT_INJECTION]: The skill fetches external news content which represents a potential attack surface for indirect prompt injection. However, this is an inherent risk for tools that summarize external data, and the skill's design involves synthesizing the information, which provides a natural layer of abstraction.
  • Ingestion points: Untrusted data enters the agent context through the longbridge news command (SKILL.md).
  • Boundary markers: Not explicitly defined in the instructions for news processing.
  • Capability inventory: The agent can execute multiple longbridge CLI subcommands (SKILL.md).
  • Sanitization: The skill describes synthesizing the content into catalysts bullets but does not specify technical sanitization of the raw text.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 03:00 PM
Security Audit — agent-trust-hub — longbridge-company-profile