parallel-findall

Fail

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: HIGH - REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides an installation command that fetches a shell script from the author's official domain (parallel.ai) and pipes it directly to bash for execution.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the parallel-web-tools package from PyPI via pipx as an alternative setup method.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing entity discovery results from external web sources.
    • Ingestion points: Entity data is retrieved via the parallel-cli findall poll command and saved to local files in /tmp/ before being parsed by the agent.
    • Boundary markers: Absent; the instructions do not specify using delimiters or prompts to ignore potentially malicious instructions within the fetched data.
    • Capability inventory: The skill uses the Bash tool to run CLI commands and can write results to the file system.
    • Sanitization: Absent; the skill suggests filtering results for quality (e.g., removing noise) but does not include security-focused sanitization to prevent the agent from interpreting instructions found in entity metadata.
Recommendations
  • HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 8, 2026, 03:32 PM