sec-edgar-skill

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of the 'edgartools' Python package via pip. Although unversioned and from a non-trusted source (Category 4), this dependency is necessary for the skill's primary function and is therefore downgraded in severity.
  • [DATA_EXFILTRATION] (LOW): The skill makes network requests to 'sec.gov', a non-whitelisted domain, to retrieve financial data (Category 2). It also requires the user to provide an email address for identity verification as required by the SEC.
  • [PROMPT_INJECTION] (LOW): The skill processes untrusted text from SEC filings, creating a potential surface for indirect prompt injection (Category 8).
      • Ingestion points: Data is ingested through 'filing.text()', 'filing.markdown()', and 'filing.items()' methods in SKILL.md and reference/workflows.md.
      • Boundary markers: Absent; there are no instructions to the agent to treat filing text as data rather than instructions.
      • Capability inventory: The skill enables fetching external data from the SEC but does not include scripts for dynamic execution or local system modification.
      • Sanitization: Absent; document content is not sanitized or escaped before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 02:26 PM