parallel
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses official API endpoints and standard environment variable configurations for authentication. No evidence of malicious behavior or data exfiltration was found.
- [PROMPT_INJECTION]: The skill processes untrusted web data, presenting a surface for indirect prompt injection. 1. Ingestion points: Search excerpts and page extractions in the 'parallel' script. 2. Boundary markers: Untrusted content is returned as formatted Markdown without explicit delimiters. 3. Capability inventory: Network access via the 'httpx' library. 4. Sanitization: Content is passed to the agent without filtering or sanitization.
Audit Metadata