parallel-search
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill connects to the official service endpoint at https://search-mcp.parallel.ai/mcp to provide search and fetch functionality.
- [SAFE]: Local persistence of authentication tokens in ~/.mcp-skill/auth/ is a standard implementation for developer tools requiring persistent OAuth sessions.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the web. Ingestion points: Data is fetched from URLs via the web_fetch and web_search_preview tools in app.py. Boundary markers: No explicit delimiters or instructions are used to separate external content from agent instructions. Capability inventory: The skill only performs network requests to the authorized API and lacks local file-write or shell execution capabilities. Sanitization: The skill processes results as JSON but does not filter or sanitize the textual content retrieved from the web.
Audit Metadata