Paperclip: Malicious skills able to exfiltrate and destroy all user data

Severity:: High

Description

An arbitrary code execution vulnerability in the workspace runtime service allows any agent to execute shell commands on the server, exposing all environment variables including API keys, JWT secrets, and database credentials.

Recommendation

Update the @paperclipai/server package to the latest compatible version. Followings are version details:

Affected version(s): < 2026.416.0
Patched version(s): 2026.416.0

References

GHSA-w8hx-hqjv-vjcq
CWE-77
OWASP 2021-A3

Related Issues

@saltcorn/data: Tenant user role is used for tenant creation role check - Vulnerability
Paperclip: Approval decision attribution spoofing via client-controlled `decidedByUserId` in paperclip server - Vulnerability
Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys - Vulnerability
Paperclip: OS Command Injection via Execution Workspace cleanupCommand - Vulnerability

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:: npm; @paperclipai/server

Anything's wrong? Let us know Last updated on April 16, 2026