longbridge-news
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is prompt-only and does not include any executable scripts, binaries, or automated shell commands.
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to add an MCP server from 'https://openapi.longbridge.com/mcp'. This is a legitimate vendor resource belonging to the author 'longbridge' and is required for the skill's core functionality.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill only interacts with stock-related data through the provided MCP tools.
- [PROMPT_INJECTION]: The instructions are focused on data retrieval and structured reporting. No patterns attempting to bypass safety filters or override agent behavior were found.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data (news and community discussions), which is a known attack surface. However, it implements protective measures by requiring the agent to classify content into buckets, distil key takeaways (fact-only), and explicitly avoid echoing 'hype vocabulary' or speculative language.
Audit Metadata