longbridge-content

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the longbridge CLI to fetch financial records and perform community interactions. These actions are consistent with the skill's documented purpose of stock analysis.
  • [PROMPT_INJECTION]: The skill metadata contains a discrepancy, labeling the risk level as read_only despite the presence of content-creation commands in the reference files (longbridge topic create, longbridge topic create-reply). This misleading classification could lead to a misjudgment of the agent's capabilities regarding active interactions in community forums.
  • [PROMPT_INJECTION]: The skill handles untrusted data from news and community sources, creating an indirect prompt injection surface.
      • Ingestion points: External data is ingested into the agent context via longbridge news and longbridge topic commands.
      • Boundary markers: The instructions lack specific delimiters or instructions to isolate external data from the system prompt.
      • Capability inventory: The skill includes functional tools for publishing content to external forums, which could be triggered by instructions embedded in the ingested data.
      • Sanitization: Basic filtering is applied to specific speculative keywords, but there is no general mechanism to sanitize or escape malicious instructions in the external content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 19, 2026, 12:31 PM
Security Audit — agent-trust-hub — longbridge-content