parallel-deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides instructions to install the parallel-cli by piping a script from the vendor's domain (parallel.ai) directly to bash. This is part of the standard setup process for the vendor's tools.
- [EXTERNAL_DOWNLOADS]: The skill installs the parallel-web-tools package from the Python package registry using pipx as an alternative setup method.
- [COMMAND_EXECUTION]: The skill utilizes Bash to execute parallel-cli commands for running research tasks and polling for their completion.
- [PROMPT_INJECTION]: The skill processes untrusted web data as part of its research function, creating a surface for indirect prompt injection.
- Ingestion points: External data is ingested via parallel-cli and stored in local .md and .json files.
- Boundary markers: No specific boundary markers or instructions to ignore embedded commands are included in the prompt templates.
- Capability inventory: The skill has access to the Bash tool and filesystem to execute CLI tools and write output files.
- Sanitization: No content sanitization or validation is performed on the results returned from the research processor.
Audit Metadata