longbridge-industry-overview
Warn
Audited by Snyk on May 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's Workflow (steps 2–4) explicitly instructs the agent to run longbridge commands (e.g., longbridge constituent, longbridge industry-valuation, longbridge news) to fetch constituents, valuation data, and recent industry news from public third-party sources, which the agent must read and synthesize into decisions in the report, exposing it to untrusted external content such as public news and web data.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata