parallel-exploring
Warn
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill instructions (Task 3) explicitly direct the agent to search for and read `.env*` files as part of infrastructure exploration. Since environment files frequently contain hardcoded credentials, API keys, and other secrets, this instruction creates a risk of sensitive data exposure.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of large amounts of untrusted data from a codebase into the agent's context through multiple subagents, which presents a surface for indirect prompt injection.
  - Ingestion points: Files throughout the codebase, including sensitive directories and configuration files specifically targeted by the exploration tasks (e.g., `src/`, `.env*`, `.github/`).
  - Boundary markers: Absent; no instructions are provided to the agent to delimit untrusted codebase content or to ignore potential instructions embedded within those files.
  - Capability inventory: Uses the `Task` tool with `subagent_type: "explore"`, which is a read-only code search and analysis capability.
  - Sanitization: Absent; the skill does not include steps to sanitize or validate the content retrieved from the codebase before synthesizing the final report.
Audit Metadata