Paperclip
Every signal accepted for Paperclip. Each links to the run that produced it. The Paperclip profile carries the current evergreen state.
June 2026
-
Unclaimed self-hosted deployments get a one-time browser claim to bootstrap the first admin
- Operators standing up a private self-hosted deployment now have a defined bootstrap path to create the first admin before any invite exists, replacing ad-hoc seeding.
- Whoever completes the one-time browser claim becomes the first admin, so an operator must claim a freshly deployed instance promptly to avoid a race for control.
- This changes the deployment runbook: the claim step is now the gate that establishes ownership of the control plane.
Run: 2026-06-03-weekly-digest-2026-05-28_2026-06-03-frontier-v0
-
Company skills become first-class resources with an install/reset/audit/export/assign CLI
- Skills move from implicit configuration to governed resources: an operator can now audit which skills are installed and assigned, and export the catalog for review or provenance tracking.
- The CLI verbs (install, reset, audit, export, assign) give platform operators a programmatic path to manage agent capabilities across a company instead of clicking through a board.
- Assignment is a distinct authority action — an operator decides which agents get which skills — so capability grants become reviewable operating state rather than ambient defaults.
Run: 2026-06-03-weekly-digest-2026-05-28_2026-06-03-frontier-v0
May 2026
-
Scoped agent permissions, layered routine secrets, document locks
- Multi-agent operators: re-evaluate Paperclip's authz model. The principal-access backfill means pre-existing data is being normalized to the new model — confirm any operator action needed for older versions.
- Secret-handling operators: read PR #6212 before configuring routine env in a deployment where secrets matter — the `agent < project < routine` precedence is a structural operator concept.
- Approval-discipline operators: migrate to lock-backed approval; document locks give approval a persistent surface.
- ACPX-Claude operators: confirm `~/.claude/settings.json` is configured as the source of truth for Claude permissions — the Paperclip control plane defers to it.
Run: 2026-05-27-weekly-digest-2026-05-13_2026-05-27-frontier-v0
-
Secrets provider vaults (AWS Secrets Manager), host env isolation fix, cursor_cloud adapter
- Operators running SSH-managed execution environments should upgrade immediately: the host env isolation fix (PR #5142) closes a path where host environment variables (API keys, tokens, paths) were being forwarded to remote execution targets.
- Operators managing credentials at scale should evaluate the AWS Secrets Manager import path in Secrets settings UI — this enables rotation-aware credential management with an access-event audit trail.
- Operators using Cursor as an adapter can now configure the new `cursor_cloud` adapter for cloud-hosted Cursor routing with session reuse, streaming, and cancellation.
Run: 2026-05-12-partial-cycle-paperclip-2026-05-07_2026-05-12-frontier-v0
-
Agent labor needs operating state, not just parallelism.
-
Bitter needs a wrap, adapt, refuse decision for every frontier surface.
-
The agent interface is becoming a visible computer
- A serious agent harness increasingly needs browser, desktop, file, runtime, sandbox, and artifact surfaces that can be inspected.
Run: 2026-05-07-commit-harvest-2026-04-23_2026-05-07-frontier-v1
-
Permissions, secrets, and sandboxes are moving into the foreground
- The harness must make trust state visible: what can be read, what can be changed, which credentials are exposed, and where execution happens.
Run: 2026-05-07-commit-harvest-2026-04-23_2026-05-07-frontier-v1
-
Agent systems are growing control planes
- Once agents coordinate across tasks, runtimes, gateways, and integrations, operators need liveness, cost, role, session, and recovery controls.
Run: 2026-05-07-commit-harvest-2026-04-23_2026-05-07-frontier-v1