longbridge-corporate-events
Pass
Audited by Gen Agent Trust Hub on May 25, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
longbridgeCLI tool (subcommands:news,filing,corp-action,shareholder,finance-calendar) to retrieve financial data. These are vendor-specific resources originating from the skill's author ('longbridge'). - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process external content such as corporate filings, news, and regulatory announcements. This data represents an attack surface where third-party text could attempt to influence the agent's sentiment analysis or event classification.
- Ingestion points: Data enters the context via
longbridge news,longbridge filing, andlongbridge corp-actioncommands. - Boundary markers: The instructions request JSON format from tools but do not define explicit delimiters (like XML tags) to separate untrusted data from the agent's internal instructions.
- Capability inventory: The skill is confined to data retrieval and analysis; it does not possess capabilities for file-system modification or arbitrary network requests.
- Sanitization: There is no explicit sanitization or filtering logic applied to the external text before it is classified by the model.
Audit Metadata