paprika
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to install the `paprika-recipe-cli` package from the NPM registry to provide the necessary functionality.
- [COMMAND_EXECUTION]: The skill invokes the `paprika` command-line tool using various subcommands and arguments. Some arguments, such as recipe names in `paprika recipe "<name>"` and search terms in `paprika search "<query>"`, are derived from user input.
- [PROMPT_INJECTION]: The skill processes external data retrieved from the Paprika service, such as recipe instructions and grocery items. This constitutes an indirect prompt injection surface where the agent could potentially encounter and follow instructions embedded within the recipe content.
  - Ingestion points: Data returned by `paprika recipes`, `paprika recipe`, `paprika meals`, and `paprika groceries` (referenced in SKILL.md).
  - Boundary markers: None present; external content is processed directly.
  - Capability inventory: The skill is limited to executing the `paprika` CLI tool for data retrieval and display.
  - Sanitization: No explicit sanitization or filtering of the retrieved recipe or list content is mentioned.
Audit Metadata