Skills
skills/longbridge/skills/longbridge-valuation/Gen Agent Trust Hub

longbridge-valuation

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of a Model Context Protocol (MCP) server from the vendor's official domain (openapi.longbridge.com) to provide financial data functionality.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes external market data.
  • Ingestion points: Data is ingested via several tools including mcp__longbridge__valuation, mcp__longbridge__valuation_history, and mcp__longbridge__industry_valuation (SKILL.md).
  • Boundary markers: Absent; there are no clear delimiters or instructions to treat tool output as untrusted data.
  • Capability inventory: The skill uses read-only tools to fetch stock metrics; it does not perform file writes, administrative command execution, or non-vendor network operations.
  • Sanitization: Absent; the skill passes data directly from the API to the model for analysis and calculation without escaping or filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 02:19 PM