Skills
skills/parallel-web/agent-skills/parallel-web-extract/Gen Agent Trust Hub

parallel-web-extract

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The setup instructions in SKILL.md include a command to download and execute a shell script from https://parallel.ai/install.sh by piping it directly to bash.
  • [EXTERNAL_DOWNLOADS]: The skill instructions in SKILL.md recommend installing the parallel-web-tools package via pipx from an external repository.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from untrusted external URLs.
  • Ingestion points: Data from external URLs is ingested via the parallel-cli extract command in SKILL.md.
  • Boundary markers: No delimiters or instructions are used in SKILL.md to distinguish between fetched data and agent instructions.
  • Capability inventory: The skill can execute commands via the Bash tool and has network access, as specified in SKILL.md.
  • Sanitization: No sanitization or filtering of the extracted content is performed before it is presented to the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 12, 2026, 01:02 AM