← Back to Skills Marketplace
Pipeworx sec
by
Bruce Gutman
· GitHub ↗
· v1.0.0
· MIT-0
72
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install pipeworx-sec
Description
Query the SEC EDGAR database to find companies, retrieve recent filings by form type, and access key financial metrics from XBRL data.
Usage Guidance
Before installing, confirm who operates https://gateway.pipeworx.io and whether requests and arguments you send (including any contextual prompt data) are logged, stored, or shared. If you only need public EDGAR data, prefer a skill that calls the SEC/EDGAR endpoints directly or that documents the proxy's privacy/security practices. Ask the publisher for an audit/trust statement or source code; avoid sending sensitive context or internal identifiers through this skill until you can verify the gateway's operator and retention policy.
Capability Analysis
Type: OpenClaw Skill
Name: pipeworx-sec
Version: 1.0.0
The SEC EDGAR skill bundle provides standard functionality for querying public company filings and financial data via an MCP server. The SKILL.md documentation describes legitimate capabilities such as searching companies and retrieving XBRL facts through a specified gateway (gateway.pipeworx.io), with no evidence of malicious instructions, data exfiltration, or unauthorized execution.
Capability Assessment
Purpose & Capability
The declared capabilities (search companies, get filings, read XBRL facts) match the stated purpose and are reasonable for SEC data (which is public). However the SKILL.md does not say the skill will proxy requests through a third‑party service, so the external gateway is unexpected relative to the description.
Instruction Scope
The instructions explicitly show JSON-RPC calls to https://gateway.pipeworx.io/sec/mcp and include an mcpServers mapping. That directs the agent to send queries (and any supplied arguments) to a third‑party endpoint instead of directly to sec.gov. The doc does not describe what the gateway does, what it logs, or whether additional context will be forwarded — that creates a potential data‑exfiltration/privacy risk.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk or installed, which reduces risk.
Credentials
The skill requests no credentials, env vars, or config paths; that is proportionate for public SEC data. That said, absence of required credentials also means the gateway may accept unauthenticated traffic — the SKILL.md offers no transparency about who runs the gateway or how data is used.
Persistence & Privilege
always is false and the skill does not request elevated or persistent presence. Autonomous invocation is allowed by default but not combined with other privilege escalation indicators.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install pipeworx-sec - After installation, invoke the skill by name or use
/pipeworx-sec - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Pipeworx sec?
Query the SEC EDGAR database to find companies, retrieve recent filings by form type, and access key financial metrics from XBRL data. It is an AI Agent Skill for Claude Code / OpenClaw, with 72 downloads so far.
How do I install Pipeworx sec?
Run "/install pipeworx-sec" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Pipeworx sec free?
Yes, Pipeworx sec is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Pipeworx sec support?
Pipeworx sec is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Pipeworx sec?
It is built and maintained by Bruce Gutman (@brucegutman); the current version is v1.0.0.
More Skills