Skills
skills/ouachitalabs/skills/edgartools/Gen Agent Trust Hub

edgartools

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the edgartools package from PyPI. While it is a known library, it is not from a specifically trusted source list provided in the security guidelines.
  • PROMPT_INJECTION (HIGH): Indirect Prompt Injection Surface: The skill downloads and processes external data from the SEC EDGAR API which could contain malicious instructions targeting the agent.
  • Ingestion points: Data enters the agent context through filing.text(), filing.markdown(), and filing.reports in SKILL.md.
  • Boundary markers: There are no markers or instructions to the agent to ignore embedded instructions within the filings.
  • Capability inventory: The skill demonstrates local file-write capability to /tmp/ and the ability to execute code using the installed edgartools package.
  • Sanitization: No evidence of sanitization or validation of the fetched filing content before it is processed or written to disk.
  • COMMAND_EXECUTION (MEDIUM): The skill utilizes the uv package manager to execute the add command and performs Python file-write operations to the local filesystem at /tmp/. This can be exploited if the ingested data contains malicious content that influences the agent to perform unauthorized file operations.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 02:37 AM