Does edgartools have any known vulnerabilities?

No known CVE vulnerabilities were found for edgartools v5.16.1 in the brin database.

What capabilities does edgartools have?

edgartools has the following detected capabilities: network access, filesystem access, environment variable access, native modules. Review these before using with AI coding agents.

Can I use edgartools safely with AI coding agents?

edgartools has been flagged with risk indicators. Review the detected threats and capabilities before using with AI coding agents. Assessments are automated and may contain errors.

edgartools

Q: Is edgartools safe to use?

edgartools v5.16.1 has been flagged for review in the latest brin safety scan. Trust score: 75/100. Manual review is recommended. This is an automated assessment.

PyPI

Is edgartools safe to use?

The latest brin safety scan flagged edgartools v5.16.1 with risk indicators that warrant review. No known CVE vulnerabilities and 3 detected threat patterns, including patterns consistent with ssrf and code injection. Trust score: 75/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

edgartools Has Confirmed Threats

Confirmed threat patterns detected in this package

critical

CVEs

Threats

Install Scripts

edgartools Confirmed Threats (3)

Server-Side Request Forgery

confidence: 50%confirmed

Location: edgar/documents/parser.py:361

response = requests.get(url, timeout=30)

Code Injection

confidence: 85%confirmed

Location: edgar/attachments.py:618

return eval(query, {"re": re, "attachment": attachment})

Code Injection

confidence: 80%confirmed

Location: edgar/ai/evaluation/evaluators.py:175

exec(code, namespace)

brin Recommendations

→This package is assessed as high-risk. Manual review is strongly recommended before use.
→3 verified threat patterns detected. Review the specific findings and consider alternatives.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

edgartools Capabilities & Permissions

What edgartools can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

ACCOUNT.r2.cloudflarestorage.comACCOUNT_ID.r2.cloudflarestorage.comapple.comcompany.comdata.sec.govdata.sec.gov)edgartools.readthedocs.iofasb.orggithub.commysite.com+12 more

Protocols: http, https, tcp

Filesystem Access

Reads and writes to the filesystem.

.env (rw).env (rw).env (rw).env (rw).env (rw).env (rw)__pycache__ (rw)/usr/ (rw)+20 more

Environment Variables

Accesses the following environment variables.

ANTHROPIC_API_KEYCURL_CA_BUNDLEDEBUG_TABLE_CONSOLIDATIONEDGAR_ACCESS_MODEEDGAR_BASE_URLEDGAR_CACHE_DIREDGAR_DATA_URLEDGAR_FINANCIALS_COLOR_SCHEMEEDGAR_IDENTITYEDGAR_LOCAL_DATA_DIR+22 more

Native Modules

Contains native code that runs outside the JavaScript sandbox.

cryptographylxmlnumpypandas

AGENTS.md for edgartools

Good instructions lead to good results. brin adds edgartools documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

edgartools Documentation & Source Code

For the full edgartools README, API documentation, and source code, visit the official package registry.

View on PyPI

Frequently asked questions about edgartools safety

Install (safety-checked)

Weekly Downloads

103.3K

Version

5.16.1

Other Versions

Last Scanned

2 days ago

Trust Score

75/100·Legitimacy signals, not safety

Confirmed Threats (3)

ssrfconfirmed

Location: edgar/documents/parser.py:361

Confidence: 50%

response = requests.get(url, timeout=30)

code injectionconfirmed

Location: edgar/attachments.py:618

Confidence: 85%

return eval(query, {"re": re, "attachment": attachment})

code injectionconfirmed

Location: edgar/ai/evaluation/evaluators.py:175

Confidence: 80%

exec(code, namespace)

Confirmed threats have been validated by human review and represent real risks.

Capabilities

Network

Connects to: ACCOUNT.r2.cloudflarestorage.com, ACCOUNT_ID.r2.cloudflarestorage.com, apple.com...

Filesystem

Reads & Writes files

Environment

Accesses: ANTHROPIC_API_KEY, CURL_CA_BUNDLE, DEBUG_TABLE_CONSOLIDATION...

Native

Contains native modules