paperclip-dev-workspace-run-verify-fix
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes common development utilities such as
curl,jq,lsof, andpnpm. These are used for legitimate service management tasks, such as querying API health endpoints, identifying port usage, and executing local test suites. - [CREDENTIALS_UNSAFE]: The skill provides instructions for managing
PAPERCLIP_API_KEYbut explicitly mandates that the agent must not print or expose these keys in output logs or public comments. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its processing of untrusted external data.
- Ingestion points: The agent is instructed to read and confirm the latest issue comments and review project documentation (
doc/DEVELOPING.md). - Boundary markers: There are no specific delimiters or technical constraints defined to prevent the agent from obeying instructions embedded within those issue comments.
- Capability inventory: The agent has the ability to make authenticated POST requests to the control-plane API (e.g., stopping/starting services) and performing database operations via
pnpm paperclipai worktree reseed. - Sanitization: The skill does not specify any sanitization or validation steps for content retrieved from external sources before it is acted upon.
Audit Metadata