parallel-monitor

Pass

Audited by Gen Agent Trust Hub on May 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the parallel-cli tool to manage web monitors. The execution environment is restricted through the allowed-tools frontmatter configuration, which limits shell access to the specific parallel-cli command space, mitigating risk of arbitrary command injection.
  • [EXTERNAL_DOWNLOADS]: The skill instructions reference the installation and update of parallel-web-tools via standard package managers. This refers to the vendor's official toolset and does not involve untrusted third-party sources or unsafe remote execution patterns.
  • [PROMPT_INJECTION]: The skill includes a surface area for indirect prompt injection as it is designed to ingest and display content from external web pages.
  • Ingestion points: External data is retrieved via parallel-cli monitor events and parallel-cli monitor event-group as described in SKILL.md.
  • Boundary markers: No explicit delimiters are specified in the prompt instructions to isolate monitored content, though the tool uses the --json flag for data handling.
  • Capability inventory: Capabilities are limited to parallel-cli operations and interaction with the user.
  • Sanitization: The skill relies on structured JSON output from the CLI tool to manage the flow of data into the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 23, 2026, 12:35 AM
Security Audit — agent-trust-hub — parallel-monitor