parallel-web-extract
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface.\n
- Ingestion points: Untrusted content is ingested from external URLs provided via the $ARGUMENTS variable in SKILL.md.\n
- Boundary markers: The skill instructions do not include delimiters or specific instructions for the agent to ignore potentially malicious commands embedded in the fetched content.\n
- Capability inventory: The skill has the capability to execute bash commands using the parallel-cli tool as defined in SKILL.md.\n
- Sanitization: There is no evidence of sanitization, escaping, or filtering of the extracted content before it is processed by the agent context.\n- [COMMAND_EXECUTION]: Execution of vendor-specific CLI tool.\n
- The skill utilizes the command parallel-cli extract "$ARGUMENTS" --json. This tool is identified as a vendor resource for parallel-web and its use is consistent with the skill's stated purpose.
Audit Metadata