parallel-data-enrichment
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the parallel-cli tool through Bash to run data enrichment tasks and poll for status updates.
- [DATA_EXFILTRATION]: As part of its core functionality, the skill sends user-provided data from arguments or CSV files to an external service for processing.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by incorporating untrusted data ($ARGUMENTS and CSV content) into Bash commands. 1. Ingestion points: The skill processes data from the $ARGUMENTS variable and local input.csv files. 2. Boundary markers: Command examples use single quotes to wrap data inputs. 3. Capability inventory: The skill has the capability to execute Bash commands via parallel-cli. 4. Sanitization: There are no explicit instructions or mechanisms for sanitizing or escaping the data before it is passed to the shell.
Audit Metadata