skills/parallel-web/parallel-agent-skills/parallel-data-enrichment/Snyk

parallel-data-enrichment

Warn

Audited by Snyk on May 23, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says this tool "Adds web-sourced fields (CEO names, funding, contact info)" and instructs the agent to run parallel-cli enrichment, poll and read the resulting JSON output (preview rows and use them), so the agent consumes untrusted public web–sourced content that can influence subsequent decisions/actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 23, 2026, 12:35 AM

Issues

1

Security Audit — snyk — parallel-data-enrichment