paperzilla
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'pz' CLI tool through verified package management systems (Homebrew, Scoop) and official GitHub repositories associated with the Paperzilla service.
- [COMMAND_EXECUTION]: The skill makes use of the 'pz' CLI to list projects, fetch paper content, and submit feedback. These operations are within the expected functional scope of the skill and do not use arbitrary shell execution.
- [PROMPT_INJECTION]:
- Ingestion points: Research paper text and project recommendations are ingested through 'pz paper' and 'pz rec' commands in SKILL.md.
- Boundary markers: Absent; the skill does not explicitly define boundaries to separate ingested paper content from agent instructions.
- Capability inventory: Limited to network communication with the paperzilla.ai service via the CLI.
- Sanitization: Absent; external research content is processed directly for summarization purposes.
Audit Metadata