parallel-web-search

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The presence of an explicit installer script (https://parallel.ai/install.sh) and an instruction to curl|bash it is a high-risk pattern that can deliver arbitrary code, while the other two example.com URLs are generic pages (not direct downloads) but the overall behavior (remote install script + curl|bash) makes this set suspicious.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to run parallel-cli search to fetch and parse open web search results (saving full JSON from public URLs such as those in /tmp/$FILENAME.json) and to extract and cite excerpts from those third-party pages, which means untrusted public web content is both ingested and used to drive conclusions/actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Setup instructs running a runtime command that fetches and executes remote code—curl -fsSL https://parallel.ai/install.sh | bash—which installs the required parallel-cli dependency and therefore directly executes external code from that URL.