v1.0.3

Parallel AI search

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:17 AM.

Analysis

This is a coherent Parallel CLI web-search skill, but users should notice that it can install a CLI, authenticate to Parallel, send data to Parallel, and create ongoing monitoring jobs.

GuidanceThis skill appears benign and aligned with its stated purpose. Before installing or using it, make sure you trust Parallel's CLI installation path, use appropriate credentials, avoid sending private datasets or confidential URLs unless you intend to share them with Parallel, and treat monitoring jobs as ongoing server-side activity that may need later cleanup.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityLowConfidenceHighStatusNote

SKILL.md

curl -fsSL https://parallel.ai/install.sh | bash

The skill documents a remote shell-script installer for parallel-cli, with pipx as a fallback. This is expected setup for the skill, but it is still a supply-chain-sensitive install path.

User impactInstalling through a remote script or unpinned package can change the local environment and depends on trusting the provider and network path.

RecommendationReview Parallel's installer documentation, prefer an installation method you trust, and install the CLI manually if you do not want the agent to run setup commands.

Rogue Agents

SeverityMediumConfidenceHighStatusNote

SKILL.md

Monitor: track web changes on a cadence, optionally via webhook

The skill includes ongoing monitoring functionality that can continue beyond a one-off answer. This is part of the advertised purpose, but it is persistent behavior users should control.

User impactA created monitor may continue running on a schedule and may consume service quota or produce future notifications until managed or stopped.

RecommendationCreate monitors only when explicitly desired, record monitor IDs, and periodically review or delete monitors that are no longer needed.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityLowConfidenceHighStatusNote

SKILL.md

Requires parallel-cli installed + authenticated (PARALLEL_API_KEY or parallel-cli login)

The skill needs a Parallel account credential or login session to use the external service. This is expected for the stated integration, but the registry metadata lists no required env vars or primary credential.

User impactCommands may run under the user's Parallel account and can consume account quota or access features allowed by that account.

RecommendationUse a dedicated or least-privileged Parallel API key where possible, and confirm the account and quota implications before running large research, enrichment, or monitoring jobs.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceHighStatusNote

references/command-templates.md

parallel-cli monitor create "$OBJECTIVE"   --cadence hourly   --webhook "https://example.com/hook"   --json

The monitor workflow can send monitoring events to a webhook. This is disclosed and optional, but webhook destinations define an external data boundary.

User impactIf a webhook is used, monitoring results or related event data may be delivered to an external endpoint.

RecommendationOnly use webhook URLs you control and trust, and avoid including sensitive objectives or data in monitors unless that destination is approved.