Skills
skills/mvanhorn/printing-press-library/pp-sec-edgar/Gen Agent Trust Hub

pp-sec-edgar

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the CLI binary and related tooling from the author's GitHub repository (github.com/mvanhorn/printing-press-library) and the NPM registry (@mvanhorn/printing-press).
  • [COMMAND_EXECUTION]: Relies on the Bash tool to execute the sec-edgar-pp-cli binary and manage the local SQLite database used for storage and analysis.
  • [DATA_EXFILTRATION]: Supports a --deliver webhook:<url> parameter that can route command output to arbitrary external URLs. It also contains a feedback reporting mechanism that can be configured to send local logs to a remote endpoint via the SEC_EDGAR_FEEDBACK_ENDPOINT environment variable.
  • [PROMPT_INJECTION]: Processes untrusted financial data from SEC EDGAR endpoints, creating an indirect prompt injection surface where malicious instructions embedded in public filings could attempt to influence agent behavior.
  • Ingestion points: Data is fetched from data.sec.gov and efts.sec.gov into a local SQLite store.
  • Boundary markers: None explicitly mentioned in the skill instructions to delimit external data from agent instructions.
  • Capability inventory: Full shell execution via the Bash tool and file reading via the Read tool.
  • Sanitization: No explicit validation or sanitization of the fetched SEC data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 04:16 PM