parallel-web
Fail
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The setup instructions direct the user to install a CLI tool by piping a script from 'https://parallel.ai/install.sh' directly into bash. This is a high-risk command execution pattern that bypasses integrity verification and executes remote code with user privileges.
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to access and load a local '.env' file to authenticate the 'parallel-cli' tool. Accessing sensitive files such as '.env', which contain private API keys, poses a risk of credential exposure if the data is mishandled or leaked into the agent's context.
- [COMMAND_EXECUTION]: The skill relies on multiple shell commands (parallel-cli, dotenv, uv, pip) to perform its functions. User-supplied arguments such as URLs and search queries are passed to these commands, creating a potential risk of command injection if the inputs are not strictly validated by the underlying tool.
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs several external dependencies and scripts from remote sources, including 'parallel-web-tools' and 'python-dotenv'. These downloads occur from non-standard repositories, introducing supply chain risks.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of fetching and processing untrusted content from the web.
  - Ingestion points: Web search results and extracted page content from arbitrary URLs are read into the agent's context via stdout and files.
  - Boundary markers: There are no explicit delimiters or instructions provided to help the agent distinguish between its own instructions and the content retrieved from external sources.
  - Capability inventory: The skill has access to subprocess execution via 'parallel-cli' for search, extraction, and research tasks.
  - Sanitization: No sanitization or filtering logic is mentioned for the fetched content before it is processed by the agent.
Recommendations
- HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata