research-lookup

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These URLs include a direct installer script (https://parallel.ai/install.sh) — a high-risk pattern because executing remote .sh files (curl|bash) from a domain that isn’t independently verified can deliver malware; the API endpoint and example.com link alone are lower risk, but do not mitigate the danger of the direct .sh download.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs web searches and URL extraction from public sites—using parallel-cli search and parallel-cli extract (documented in SKILL.md and research_lookup.py) and Perplexity sonar-pro-search via OpenRouter (README.md and research_lookup.py)—and ingests those untrusted third‑party pages and citations as part of its synthesis, so external content can directly influence agent outputs and behavior, enabling indirect prompt injection.