Run agents on your own keys with user-scoped secrets
Secrets can now be scoped to each user: teammates store their own values, and Paperclip checks the human behind a run supplied them before it dispatches.
You don’t hand a colleague your GitHub token. Paperclip v2026.707.0 applies the same rule to agents: secrets can now be scoped to the individual human, not just the company. Each user stores their own value for a secret, and Paperclip checks that the human behind a run has supplied what it needs before the run dispatches (#8825).
One value per secret
Until now, a secret held one company-wide value (the secrets reference covers that model, its providers, and vaults). One value works for one person. The moment a second human joins, they either borrow someone else’s keys or can’t run agents at all.
How it works
The pieces land in order. A secret definition can now be user-scoped, and each user stores their own value for it. Definitions bind to environments, so the runs that need a credential declare it. New responsible-user run attribution ties every run to the human it acts for. Before a run dispatches, Paperclip deterministically checks that this user has supplied the value the run needs, so a missing credential surfaces before the run starts.

You see the check in the product. If a secret you’re responsible for has no value yet, Paperclip warns you as you create the task, names the missing secret, and lets you set your value on the spot.

Secret references everywhere env vars live
The same release replaces the legacy environment variables editor with a single reusable editor used everywhere environment variables are configured: agents, projects, routines, and company environments. It handles text values, secret references, draft rows, and sensitive-value warnings consistently, with a clearer affordance for converting a plain value into a secret reference (#8930).
Getting started
Define a user-scoped secret, have each teammate store their own value, and bind the definition to the environments that need it. Dispatch does the checking from there. The user-scoped secrets guide explains secret scopes and responsible-user attribution in depth.
Groundwork for multi-user and cloud execution
The release notes call user-scoped secrets “a real prerequisite for safe multi-user and cloud execution.” The immediate payoff is concrete: the next person who joins your company supplies their own keys and runs agents the same day, and every run is attributable to the human behind it.