parallel-research
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill writes a shell script (run-agent.sh) to the local file system and subsequently executes it using the bash tool.
- [COMMAND_EXECUTION]: Uses tmux send-keys to programmatically send commands to terminal panes, allowing for the automated execution of subprocesses without individual confirmation.
- [EXTERNAL_DOWNLOADS]: Explicitly enables WebSearch and WebFetch capabilities for the sub-agents, allowing them to download and process content from external web sources.
- [COMMAND_EXECUTION]: Performs chmod +x on a dynamically created script to grant execution permissions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: external web data is written to research-agents subdirectories. Boundary markers: sub-agent prompts include instructions to not modify files. Capability inventory: subprocess calls include Bash, Write, and Web tools. Sanitization: no explicit sanitization of web content is performed before processing.
Audit Metadata