Skills
skills/parallel-web/parallel-agent-skills/result/Gen Agent Trust Hub

result

Pass

Audited by Gen Agent Trust Hub on May 23, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute parallel-cli research poll. The command correctly quotes the user-provided $ARGUMENTS string, which prevents standard shell injection attacks.
  • [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests and displays external data (research results).
  • Ingestion points: Data retrieved from the parallel-cli research poll command is returned to the agent context.
  • Boundary markers: None present in the instructions to separate external content from system instructions.
  • Capability inventory: The skill uses the Bash tool for command execution as defined in SKILL.md.
  • Sanitization: Shell arguments are quoted, but no specific sanitization of the research output content is performed before presentation to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 23, 2026, 12:35 AM
Security Audit — agent-trust-hub — result