pp-sec-edgar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI explicitly fetches and ingests public SEC content (e.g., XBRL facts from data.sec.gov, full-text/efits search, and the live SEC Atom "getcurrent" feed as shown in the SKILL.md watch/facts/submissions commands), so the agent is expected to read and act on arbitrary third-party filings/feeds that could contain crafted instructions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill requires installing and running remote code (a required dependency) via commands such as "go install github.com/mvanhorn/printing-press-library/library/developer-tools/sec-edgar/cmd/sec-edgar-pp-cli@latest" which fetches and builds/executes code from that GitHub module at install time, creating a clear remote code execution risk.