ClawHub

SEC Filing Scanner for M&A

v1.0.0

SEC EDGAR filing analysis for M&A due diligence — extract financials, detect risks, and track corporate events from 10-K, 10-Q, and 8-K filings

0· 364·1 current·1 all-time
byAleksander Niebylski@aniebyl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the instructions: the SKILL.md describes fetching SEC EDGAR JSON/XBRL endpoints and extracting financials, risks, events, and governance data. There are no unrelated env vars, binaries, or installs requested.
Instruction Scope
Instructions focus on public SEC endpoints and describe the extraction and checks to perform. They do not tell the agent to read local files, access unrelated credentials, or send data to external endpoints other than SEC. Note: the doc doesn't mention setting the SEC-required User-Agent header or polite rate-limiting implementation details (it notes the 10 req/sec limit), and it doesn't specify how to handle private/local documents if the user supplies them.
Install Mechanism
No install spec and no code files — lowest-risk form. Nothing will be written to disk or fetched at install time by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. The requested capabilities (public SEC API access and XBRL parsing) do not require additional secrets.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or system-wide config changes.
Assessment
This skill is instruction-only and generally coherent for public-EDGAR extraction. Before installing or using it: (1) confirm you trust the skill source (author_url exists but no homepage listed); (2) if you or the agent will provide private documents to the skill, treat that as sensitive — the skill doesn't specify data retention or transmission rules; (3) ensure any implementation respects SEC access rules (include a proper User-Agent, adhere to rate limits, and backoff on errors); (4) test on well-known public filings and verify parsed XBRL outputs before relying on results for M&A decisions; and (5) consider keeping autonomous invocation disabled if you don't want the agent to fetch filings without explicit prompts.

Like a lobster shell, security has layers — review code before you run it.

latestvk979x010309c30k09xevnn0hed8248yk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments