sec-edgar-skill
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill depends on the 'edgartools' library, which is a widely recognized open-source package for accessing SEC filings. It is installed via standard package managers.
- [COMMAND_EXECUTION]: The skill includes instructions for 'pip install', which is the standard method for installing the necessary Python dependencies for the tool's functionality.
- [DATA_EXFILTRATION]: While the skill makes network requests, they are directed to official SEC servers (sec.gov) to fetch public records. The requirement to provide an identity string (email) is a documented SEC compliance requirement for API usage and does not constitute unauthorized data exposure.
- [PROMPT_INJECTION]: The skill definition does not contain any instructions aimed at overriding agent behavior, bypassing safety guidelines, or extracting system prompts.
- [SAFE]: No malicious behavior, obfuscation, or persistence mechanisms were detected. The skill's operations are consistent with its stated purpose of financial analysis.
Audit Metadata