longbridge-catalyst-radar

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill extensively uses the longbridge CLI tool to retrieve financial data. It constructs shell commands using user-provided inputs like stock symbols and market codes (e.g., longbridge quote {symbol}.{market}).
  • [DATA_EXFILTRATION]: The skill accesses sensitive user information, including watchlist details and portfolio positions, via the longbridge watchlist and Stock Positions API. This behavior is central to the skill's primary purpose of providing investment briefings and relies on the vendor's own infrastructure.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests untrusted data from external sources such as news headlines and regulatory filings through the longbridge news and longbridge filing detail commands. The instructions lack explicit boundary markers or sanitization procedures to prevent the agent from potentially executing instructions embedded within these external financial documents. Evidence found in references/longbridge-api-map.md (ingestion) and SKILL.md (execution capabilities).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 06:20 AM