Paperclip Resilience

Production resilience patterns for Paperclip AI agent orchestration. Spawn-with-fallback, model rotation, run recovery, blocker routing, and task injection —...

What to check before installing / running this skill: - Credentials: The skill needs Paperclip API credentials (PAPERCLIP_API_URL, PAPERCLIP_API_KEY, PAPERCLIP_COMPANY_ID, etc.) and at least one or two LLM provider API keys for fallback behavior. The registry metadata did not list these env vars — do not assume none are required. Provide least-privilege keys and use scoped API tokens where possible. - Config review: Inspect config.json (and config.example.json) before use. The skill will read/write files under your home directory (defaults: ~/.openclaw/*, ~/.openclaw/model-rotation-state.json, optional Tasks.md and Journal files). Make sure paths and fallbacks point to providers you control. - File access & privacy: Blocker-routing scans session transcripts and may read markdown files referenced in agent outputs; if you enable webhook routing, these findings could be POSTed to an external URL. Ensure webhook endpoints are trusted and consider disabling webhook routing if unsure. - Network endpoints: paperclip-issue-gate and run-recovery call the Paperclip API (PAPERCLIP_API_URL). Confirm the API_URL and keys are correct and limited. Review where any configured webhook URLs point before enabling them. - State persistence: model-rotation stores state in a JSON file by default (~/.openclaw). If you need ephemeral operation, change statePath or run with an isolated account/container. - Test in isolation: Run the provided tests and dry-run flags (e.g., --dry-run) in a safe environment to observe behavior before scheduling cron jobs. Prefer using --no-write or mocks for API calls when validating. - Audit and mitigate: Because the registry omitted required env vars, treat this package as having incomplete metadata. If you will deploy it in production, request the author/maintainer clarify the declared required environment variables and consider running it in an isolated runtime with scoped credentials. If you want, I can list all env vars and file paths referenced by the code and suggest minimal scoping for credentials and filesystem locations.

Type: OpenClaw Skill Name: paperclip-resilience Version: 1.1.0 The paperclip-resilience skill bundle provides a suite of tools for managing AI agent reliability, including model fallback, run recovery, and task enrichment. The code demonstrates a high level of security awareness, featuring extensive input validation and path sanitization in `src/spawn-with-fallback.js` to prevent path traversal and command injection. It uses `execFile` for process execution and implements a comprehensive security test suite (`tests/test-security.js`) and a self-documented audit report (`SECURITY-AUDIT-REPORT.md`). The interactions with the Paperclip API and local filesystem are consistent with the stated purpose of agent orchestration and resilience.