literature-review
Fail
Audited by Snyk on Jun 13, 2026
Risk Level: CRITICAL
Full Analysis
CRITICAL E005: Suspicious download URL detected in skill instructions.
- Suspicious download URL detected (high risk: 0.70). Most URLs are reputable academic and publisher resources, but the presence of a direct shell installer URL (https://parallel.ai/install.sh) and the curl | bash installation pattern in the skill prompt are high‑risk indicators because remote scripts/executables can deliver malware if not from a verified, trusted source.
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The required runtime workflow uses
parallel-cli search/parallel-cli extractto fetch and ingest full text/abstracts from public web sources (e.g., arbitrary URLs from scholarly domains), which are outsider-authored free text that can be included into the agent’s LLM context for screening/extraction.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill requires installing the primary runtime tool via a remote install script that is fetched and executed (curl -fsSL https://parallel.ai/install.sh | bash), which downloads and runs remote code as a required dependency for the skill.
MEDIUM W021: Hidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
- Hidden Unicode characters detected (1 type(s) found)
Issues (4)
E005
CRITICALSuspicious download URL detected in skill instructions.
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
W021
MEDIUMHidden or invisible Unicode characters detected (potential obfuscation or prompt injection).
Audit Metadata