parallel-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill clearly fetches and ingests untrusted public web content: SKILL.md and the scripts/parallel_web.py show ParallelSearch calling the Chat API to perform web searches and ParallelExtract.extract(urls=[...]) to retrieve arbitrary public URLs (see the Extract CLI/examples and ParallelExtract.extract implementation), and those results are synthesized and used to drive research, citations, and subsequent actions—creating a clear avenue for indirect prompt injection.