sec-edgar-skill

The SEC EDGAR Skill is largely benign and consistent with its stated purpose. It uses an official Python package from a reputable registry to access public SEC filings, requires only legitimate identification with EdgarTools, and fetches data for analysis rather than exfiltrating user data. The main risk is typical data transfer of potentially large filings (via filing.text()) and ensuring users are aware of token/length costs when requesting large documents. Overall, the footprint aligns with a legitimate developer tool for SEC filing analysis without evident credential harvesting or covert data leakage.