longbridge-investors

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly directs the agent to fetch public SEC 13F data via the Longbridge CLI or MCP endpoint (e.g., https://openapi.longbridge.com/mcp) and to read/interpret those third‑party holdings/changes (top‑50 CIK list, portfolio snapshots, quarter‑over‑quarter changes) as part of its workflow, so untrusted public content can influence subsequent queries and outputs.