parallel-data-enrichment

Fail

Audited by Snyk on Mar 3, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 1.00). High risk — the URL points to a direct shell script (install.sh) on an external domain and the skill explicitly instructs piping it into bash (curl | bash), which can run arbitrary unverified commands and is a common vector for malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly says the tool "Adds web-sourced fields (CEO names, funding, contact info)" via the parallel-cli enrich flow, which fetches/ingests open web content and returns output CSV rows that the agent is expected to read/interpret (preview), so untrusted third-party content can influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's setup includes a runtime installation command that downloads and pipes a remote script to bash (curl -fsSL https://parallel.ai/install.sh | bash), which would execute remote code to install the required parallel-cli dependency.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 3, 2026, 04:26 PM