pp-edgar

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes instructions to install the necessary CLI tool using npx -y @mvanhorn/printing-press. This action downloads and executes code from the npm registry. The package is associated with the author's identified vendor namespace.
  • [COMMAND_EXECUTION]: The skill functions by executing the edgar-pp-cli binary via the agent's bash capabilities to perform local caching, full-text searches, and data extraction.
  • [DATA_EXFILTRATION]: The CLI supports a --deliver webhook:<url> argument, enabling the redirection of command output (such as SEC filing data) to external webhooks. This is presented as a functional feature for data routing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 11:27 PM
Security Audit — agent-trust-hub — pp-edgar