forked from farhoodlabs/paperclip
27db0d3c67
Five connected gaps in the original PAT feature, all in company-skills.ts:

1. upsertImportedSkills only protected bundled rows from overwrite when the incoming source claimed to be paperclipai/paperclip. A SKILL.md from any other org/repo whose key resolves to paperclipai/paperclip/<slug> would hijack the bundled row and gain a sourceAuthSecretId. Broadened: any non-bundled incoming is rejected when existing is paperclip_bundled.

2. The metadata-build block preserved sourceAuthSecretId from existing indiscriminately, so any pollution of a bundled row was kept across every ensureBundledSkills re-upsert. Skip preservation when existing is bundled.

3. importFromSource's auth-token loop wrote sourceAuthSecretId for every imported skill including any bundled ones that snuck through. Defense in depth: skip skills with sourceKind === "paperclip_bundled".

4. updateSkillAuth had no guard, so the PATCH /skills/:id/auth route could attach a PAT to a bundled skill via direct API call. Reject explicitly.

5. deleteSkill removed the secret without checking whether any sibling skill still referenced it via metadata.sourceAuthSecretId. Re-imports preserve that reference, so two skills could share a secret and deleting one would orphan the other's reference. Now skip the remove if another skill in the same company still references the secret.
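The guards listed in this commit message, sketched as an added example (not the project's code from company-skills.ts). The `Skill` shape, the in-memory `Map`/`Set` stores, `upsertSkill` and the simplified signatures are assumptions; only `sourceKind`, `paperclip_bundled` and `metadata.sourceAuthSecretId` come from the message.

```typescript
// Hypothetical model: only sourceKind, "paperclip_bundled" and
// metadata.sourceAuthSecretId are names taken from the commit message.
type Skill = {
  id: string;
  companyId: string;
  key: string;
  sourceKind: string;
  metadata: { sourceAuthSecretId?: string };
};
const BUNDLED = "paperclip_bundled";

// Gaps 1 and 2: a bundled row is never replaced by a non-bundled import,
// and a bundled row never inherits a secret reference from the existing row.
function upsertSkill(store: Map<string, Skill>, incoming: Skill): boolean {
  const existing = store.get(incoming.key);
  if (existing && existing.sourceKind === BUNDLED && incoming.sourceKind !== BUNDLED) {
    return false; // rejected whatever source the import claims
  }
  const metadata = { ...incoming.metadata };
  if (incoming.sourceKind === BUNDLED) {
    delete metadata.sourceAuthSecretId;
  } else if (existing && existing.metadata.sourceAuthSecretId && !metadata.sourceAuthSecretId) {
    metadata.sourceAuthSecretId = existing.metadata.sourceAuthSecretId; // kept on re-import
  }
  store.set(incoming.key, { ...incoming, metadata });
  return true;
}

// Gap 4: the auth-update path refuses bundled skills outright.
function updateSkillAuth(store: Map<string, Skill>, key: string, secretId: string): boolean {
  const skill = store.get(key);
  if (!skill || skill.sourceKind === BUNDLED) return false;
  skill.metadata.sourceAuthSecretId = secretId;
  return true;
}

// Gap 5: remove the secret only when no sibling skill in the same company
// still references it.
function deleteSkill(store: Map<string, Skill>, secrets: Set<string>, key: string): void {
  const skill = store.get(key);
  if (!skill) return;
  store.delete(key);
  const secretId = skill.metadata.sourceAuthSecretId;
  if (!secretId) return;
  const shared = Array.from(store.values()).some(
    (s) => s.companyId === skill.companyId && s.metadata.sourceAuthSecretId === secretId,
  );
  if (!shared) secrets.delete(secretId);
}
```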