Paperzilla
PassAudited by ClawScan on May 1, 2026.
Overview
Paperzilla is a coherent instruction-only skill for using the Paperzilla CLI, with expected notes around installing the CLI, logging in, and changing project feedback.
This skill appears safe for its stated purpose. Before installing, make sure you trust the Paperzilla CLI source, log in only to the intended account, and have the agent confirm before it runs feedback commands that modify your project recommendations.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or updating the CLI gives the external `pz` binary the ability to run locally when invoked.
The documented Linux install path downloads the latest external release and moves the binary into a system executable directory. This is expected for installing the CLI, but users need to trust the upstream release source.
curl -sL https://github.com/paperzilla-ai/pz/releases/latest/download/pz_linux_amd64.tar.gz | tar xz sudo mv pz /usr/local/bin/
Install only from official Paperzilla sources, prefer package-manager paths where appropriate, and verify release provenance if using the direct download.
After login, the agent can use the CLI to view Paperzilla projects, feeds, recommendations, and account-specific outputs when asked.
The skill discloses that account login is required for project-oriented Paperzilla actions. This is purpose-aligned, but it means the CLI can access account/project data after login.
pz login You need login for project-oriented commands like `project`, `feed`, `rec`, and `feedback`.
Log in only to the intended account and review account-specific outputs, especially personal feed URLs, before sharing them elsewhere.
If used incorrectly, the agent could mark, downvote, star, or clear feedback for the wrong project recommendation.
The CLI includes commands that change recommendation feedback. This matches the skill description, but it is still a state-changing action in the user's Paperzilla project.
pz feedback <project-paper-id> upvote pz feedback <project-paper-id> star pz feedback <project-paper-id> downvote --reason not_relevant pz feedback clear <project-paper-id>
Ask the agent to confirm the project and recommendation ID before running feedback-changing commands.