paperclip-dev-workspace-run-verify-fix

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes common development utilities such as curl, jq, lsof, and pnpm. These are used for legitimate service management tasks, such as querying API health endpoints, identifying port usage, and executing local test suites.
  • [CREDENTIALS_UNSAFE]: The skill provides instructions for managing PAPERCLIP_API_KEY but explicitly mandates that the agent must not print or expose these keys in output logs or public comments.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its processing of untrusted external data.
  • Ingestion points: The agent is instructed to read and confirm the latest issue comments and review project documentation (doc/DEVELOPING.md).
  • Boundary markers: There are no specific delimiters or technical constraints defined to prevent the agent from obeying instructions embedded within those issue comments.
  • Capability inventory: The agent has the ability to make authenticated POST requests to the control-plane API (e.g., stopping/starting services) and performing database operations via pnpm paperclipai worktree reseed.
  • Sanitization: The skill does not specify any sanitization or validation steps for content retrieved from external sources before it is acted upon.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 02:13 AM
Security Audit — agent-trust-hub — paperclip-dev-workspace-run-verify-fix