pp-sec-edgar

Enables querying and analysis of SEC filings and insider trades using a local SQLite store for efficient data access.

Install this skill

85/100

Security score

The pp-sec-edgar skill was audited on Jun 12, 2026 and we found 3 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 251

Webhook reference - potential data exfiltration

SourceSKILL.md

251	\| `webhook:<url>` \| POST the output body to the URL (`application/json` or `application/x-ndjson` when `--compact`) \|

medium line 253

Webhook reference - potential data exfiltration

SourceSKILL.md

253	Unknown schemes are refused with a structured error naming the supported set. Webhook failures return non-zero and log the URL + HTTP status on stderr.

medium line 239

Access to hidden dotfiles in home directory

SourceSKILL.md

239	Entries are stored locally at `~/.sec-edgar-pp-cli/feedback.jsonl`. They are never POSTed unless `SEC_EDGAR_FEEDBACK_ENDPOINT` is set AND either `--send` is passed or `SEC_EDGAR_FEEDBACK_AUTO_SEND=tru

Scanned on Jun 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 1.5K

Rate this skill

Categoryfinance accounting

UpdatedJune 24, 2026

claude claude-code frontend docx git api database testing backend financial-analyst data-analyst market-research-analyst sqlite finance accounting data analytics

mvanhorn/printing-press-library