parallel-web-search

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches an installation script from https://parallel.ai/install.sh and a Python package parallel-web-tools via pipx. These resources are hosted on the vendor's own infrastructure.
  • [REMOTE_CODE_EXECUTION]: The setup instructions include a pattern where a remote script is downloaded and executed directly by the shell using curl -fsSL https://parallel.ai/install.sh | bash. This is intended for the installation of the vendor's CLI tool.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute parallel-cli for search operations and to run shell commands for environment setup, including pipx install and export for API key management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from the web.
      • Ingestion points: Data enters the context from the parallel-cli search command, which retrieves content from external websites (SKILL.md).
      • Boundary markers: Absent; there are no delimiters or instructions to the agent to disregard instructions potentially embedded within the search results.
      • Capability inventory: The skill has access to the Bash tool, which is used for CLI execution and file writing (SKILL.md).
      • Sanitization: The skill does not implement sanitization or validation of the search results before they are processed by the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://parallel.ai/install.sh - DO NOT USE without thorough review
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 11, 2026, 10:43 PM