parallel-data-enrichment
Fail
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to download and execute a shell script directly from the vendor's domain (https://parallel.ai/install.sh) for environment setup.\n- [EXTERNAL_DOWNLOADS]: The skill references the installation of the parallel-web-tools Python package via pipx from public repositories.\n- [COMMAND_EXECUTION]: The skill utilizes the parallel-cli tool to execute enrichment operations, monitor task status, and poll for completion via the bash environment.\n- [DATA_EXFILTRATION]: The skill is designed to transmit user-provided data (such as CSV rows or JSON entities) to the vendor's infrastructure for enrichment purposes.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it processes and previews data from external, potentially untrusted sources.\n
- Ingestion points: Data is ingested from CSV files (specified by --source) or inline JSON strings (specified by --data) processed by the CLI.\n
- Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from interpreting instructions contained within the external datasets.\n
- Capability inventory: The skill possesses the capability to execute shell commands and perform network operations via parallel-cli and curl.\n
- Sanitization: The skill does not demonstrate any validation or sanitization of the external data before it is processed or presented in the output preview.
Recommendations
- HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
Audit Metadata