parallel-web

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Most links are benign (doi.org, arxiv.org, example.com), but https://parallel.ai/install.sh is a direct shell installer (a downloadable .sh meant to be run), which is a high‑risk distribution pattern unless you fully trust the vendor and have verified the script.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s Web Extract capability fetches arbitrary runtime webpage/PDF content from a user-supplied URL via parallel-cli extract ... -o "$FILENAME.json", and that extracted free text is then used to generate the response—this is outsider-authored content (public web pages) that can contain indirect prompt-injection payloads.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's setup step runs a remote install script at runtime via "curl -fsSL https://parallel.ai/install.sh | bash", which fetches and executes remote code and is required to install the needed parallel-cli dependency.