
proof

Flagged

{
  "isSafe": false,
  "isSuspicious": true,
  "riskLevel": "medium",
  "findings": [
    {
      "category": "data_exfiltration",
      "severity": "medium",
      "description": "Exposed secret credentials (accessToken and ownerSecret) in documentation sample responses. If copied to logs, shells, or shared inadvertently, these secrets could be abused.",
      "evidence": "Response format:\n{\n \"slug\": \"abc123\",\n \"tokenUrl\": \"https://www.proofeditor.ai/d/abc123?token=xxx\",\n \"accessToken\": \"xxx\",\n \"ownerSecret\": \"yyy\",\n \"_links\": {\n \"state\": \"https://www.proofeditor.ai/api/agent/abc123/state\",\n \"ops\": \"https://www.proofeditor.ai/api/agent/abc123/ops\"\n }\n}"
    },
    {
      "category": "system_harm",
      "severity": "high",
      "description": "Unauthenticated document creation is documented as allowed, which could enable abuse or mass abuse of the service without user authentication.",
      "evidence": "No authentication required. Returns a shareable URL with access token."
    },
    {
      "category": "data_exfiltration",
      "severity": "medium",
      "description": "Token-based authentication is conveyed via URL parameters in examples (token=xxx). Tokens in URLs can leak via browser history, referer headers, or logs.",
      "evidence": "tokenUrl\": \"https://www.proofeditor.ai/d/abc123?token=xxx\""
    },
    {
      "category": "system_harm",
      "severity": "low",
      "description": "Local bridge endpoints expose a macOS app interface on localhost (http://localhost:9847). If misconfigured or reachable via network, could broaden attack surface; ensure proper access controls and network restrictions.",
      "evidence": "Bridge at http://localhost:9847\nRequires Proof.app running.\n"
    }
  ],
  "summary": "The content describes a web API and local bridge for a collaborative editor and includes examples that reveal sensitive tokens in documentation (accessToken, ownerSecret). It also notes unauthenticated document creation, and token usage via URL parameters, which can lead to secret leakage. It additionally exposes a local bridge surface on localhost. Recommendations: redact secrets in docs or replace with placeholders, require authentication for document creation or tokens with short lifetimes, prefer header-based auth over tokens in URLs, and ensure local bridge endpoints are restricted and authenticated as appropriate."
}

npx machina-cli add skill everyinc/compound-engineering-plugin/proof --openclaw
Files (1)
SKILL.md
6.2 KB

Proof - Collaborative Markdown Editor

Proof is a collaborative document editor for humans and agents. It supports two modes:

  1. Web API - Create and edit shared documents via HTTP (no install needed)
  2. Local Bridge - Drive the macOS Proof app via localhost:9847

Web API (Primary for Sharing)

Create a Shared Document

No authentication required. Returns a shareable URL with access token.

curl -X POST https://www.proofeditor.ai/share/markdown \
  -H "Content-Type: application/json" \
  -d '{"title":"My Doc","markdown":"# Hello\n\nContent here."}'

Response format:

{
  "slug": "abc123",
  "tokenUrl": "https://www.proofeditor.ai/d/abc123?token=xxx",
  "accessToken": "xxx",
  "ownerSecret": "yyy",
  "_links": {
    "state": "https://www.proofeditor.ai/api/agent/abc123/state",
    "ops": "https://www.proofeditor.ai/api/agent/abc123/ops"
  }
}

Use the tokenUrl as the shareable link. The _links give you the exact API paths.

Read a Shared Document

curl -s "https://www.proofeditor.ai/api/agent/{slug}/state" \
  -H "x-share-token: <token>"

Edit a Shared Document

All operations go to POST https://www.proofeditor.ai/api/agent/{slug}/ops

Note: Use the /api/agent/{slug}/ops path (from _links in create response), NOT /api/documents/{slug}/ops.

Authentication for protected docs:

  • Header: x-share-token: <token> or Authorization: Bearer <token>
  • Token comes from the URL parameter: ?token=xxx or the accessToken from create response

Comment on text:

{"op": "comment.add", "quote": "text to comment on", "by": "ai:<agent-name>", "text": "Your comment here"}

Reply to a comment:

{"op": "comment.reply", "markId": "<id>", "by": "ai:<agent-name>", "text": "Reply text"}

Resolve a comment:

{"op": "comment.resolve", "markId": "<id>", "by": "ai:<agent-name>"}

Suggest a replacement:

{"op": "suggestion.add", "kind": "replace", "quote": "original text", "by": "ai:<agent-name>", "content": "replacement text"}

Suggest a deletion:

{"op": "suggestion.add", "kind": "delete", "quote": "text to delete", "by": "ai:<agent-name>"}

Bulk rewrite:

{"op": "rewrite.apply", "content": "full new markdown", "by": "ai:<agent-name>"}

Known Limitations (Web API)

  • suggestion.add with kind: "insert" returns Bad Request on the web ops endpoint. Use kind: "replace" with a broader quote instead, or use rewrite.apply for insertions.
  • Bridge-style endpoints (/d/{slug}/bridge/*) require client version headers (x-proof-client-version, x-proof-client-build, x-proof-client-protocol) and return 426 CLIENT_UPGRADE_REQUIRED without them. Use the /api/agent/{slug}/ops endpoint instead.

Local Bridge (macOS App)

Requires Proof.app running. Bridge at http://localhost:9847.

Required headers:

  • X-Agent-Id: claude (identity for presence)
  • Content-Type: application/json
  • X-Window-Id: <uuid> (when multiple docs open)

Key Endpoints

Method  Endpoint                Purpose
GET     /windows                List open documents
GET     /state                  Read markdown, cursor, word count
GET     /marks                  List all suggestions and comments
POST    /marks/suggest-replace  {"quote":"old","by":"ai:<agent-name>","content":"new"}
POST    /marks/suggest-insert   {"quote":"after this","by":"ai:<agent-name>","content":"insert"}
POST    /marks/suggest-delete   {"quote":"delete this","by":"ai:<agent-name>"}
POST    /marks/comment          {"quote":"text","by":"ai:<agent-name>","text":"comment"}
POST    /marks/reply            {"markId":"<id>","by":"ai:<agent-name>","text":"reply"}
POST    /marks/resolve          {"markId":"<id>","by":"ai:<agent-name>"}
POST    /marks/accept           {"markId":"<id>"}
POST    /marks/reject           {"markId":"<id>"}
POST    /rewrite                {"content":"full markdown","by":"ai:<agent-name>"}
POST    /presence               {"status":"reading","summary":"..."}
GET     /events/pending         Poll for user actions

Presence Statuses

thinking, reading, idle, acting, waiting, completed

Workflow: Review a Shared Document

When given a Proof URL like https://www.proofeditor.ai/d/abc123?token=xxx:

  1. Extract the slug (abc123) and token from the URL
  2. Read the document state via the API
  3. Add comments or suggest edits using the ops endpoint
  4. The author sees changes in real-time

# Read
curl -s "https://www.proofeditor.ai/api/agent/abc123/state" \
  -H "x-share-token: xxx"

# Comment
curl -X POST "https://www.proofeditor.ai/api/agent/abc123/ops" \
  -H "Content-Type: application/json" \
  -H "x-share-token: xxx" \
  -d '{"op":"comment.add","quote":"text","by":"ai:compound","text":"comment"}'

# Suggest edit
curl -X POST "https://www.proofeditor.ai/api/agent/abc123/ops" \
  -H "Content-Type: application/json" \
  -H "x-share-token: xxx" \
  -d '{"op":"suggestion.add","kind":"replace","quote":"old","by":"ai:compound","content":"new"}'
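
The slug-and-token extraction from step 1 of this workflow, as an added example that is not part of SKILL.md: it parses the share URL, masks the token for logging, and sends the token as a header read from stdin instead of in the URL or on the command line. The function names and the allowed slug and token character sets are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not from SKILL.md). Sample values are the page's placeholders.

# parse_proof_url URL -> prints "slug token"; returns 1 on anything unexpected.
parse_proof_url() {
  local url=$1 rest path query slug token q
  case $url in                      # accept only the documented host and /d/ path
    https://www.proofeditor.ai/d/*) ;;
    *) return 1 ;;
  esac
  rest=${url#https://www.proofeditor.ai/d/}
  rest=${rest%%#*}                  # drop any fragment
  path=${rest%%\?*}
  [ "$path" != "$rest" ] || return 1   # no query string, so no token
  query=${rest#*\?}
  slug=$path
  case $slug in                     # assumed slug charset; rejects "/" and ".."
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
  esac
  q="&$query"
  case $q in
    *'&token='*) token=${q##*'&token='}; token=${token%%'&'*} ;;
    *) return 1 ;;
  esac
  case $token in                    # assumed token charset; rejects spaces, CR/LF
    ''|*[!A-Za-z0-9._~%-]*) return 1 ;;
  esac
  printf '%s %s\n' "$slug" "$token"
}

# redact_proof_url URL -> the URL with the token value masked, safe to log.
redact_proof_url() {
  printf '%s\n' "$1" | sed -E 's/([?&]token=)[^&#]*/\1REDACTED/'
}

# proof_read_state URL -> GET /state with the token sent as a header read from
# stdin (curl -H @-), so it never appears in argv or in the request URL.
proof_read_state() {
  local parsed slug token
  parsed=$(parse_proof_url "$1") || return 1
  slug=${parsed%% *}
  token=${parsed#* }
  printf 'x-share-token: %s\n' "$token" |
    curl -s -H @- "https://www.proofeditor.ai/api/agent/$slug/state"
}
```

Log the output of redact_proof_url rather than the raw share link; proof_read_state needs network access and curl 7.55.0 or later for `-H @-`.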

Workflow: Create and Share a New Document

# 1. Create
RESPONSE=$(curl -s -X POST https://www.proofeditor.ai/share/markdown \
  -H "Content-Type: application/json" \
  -d '{"title":"My Doc","markdown":"# Title\n\nContent here."}')

# 2. Extract URL and token
URL=$(echo "$RESPONSE" | jq -r '.tokenUrl')
SLUG=$(echo "$RESPONSE" | jq -r '.slug')
TOKEN=$(echo "$RESPONSE" | jq -r '.accessToken')

# 3. Share the URL
echo "$URL"

# 4. Make edits using the ops endpoint
curl -X POST "https://www.proofeditor.ai/api/agent/$SLUG/ops" \
  -H "Content-Type: application/json" \
  -H "x-share-token: $TOKEN" \
  -d '{"op":"comment.add","quote":"Content here","by":"ai:compound","text":"Added a note"}'

Safety

  • Use /state content as source of truth before editing
  • Prefer suggest-replace over full rewrite for small changes
  • Don't span table cells in a single replace
  • Always include by field for attribution tracking

Source

git clone https://github.com/everyinc/compound-engineering-plugin
SKILL.md: https://github.com/everyinc/compound-engineering-plugin/blob/main/plugins/compound-engineering/skills/proof/SKILL.md

Overview

Proof is a collaborative document editor for humans and agents. It supports two modes: a Web API for creating, editing, commenting on, and sharing markdown documents, and a Local Bridge that drives the macOS Proof app via localhost:9847.

How This Skill Works

You create a document through Proof's Web API without authentication, which returns a shareable token and links for subsequent operations. Edits and comments are performed by POSTing to the agent ops endpoint derived from the create response, and you can read state via the state endpoint. The Local Bridge lets you control the Proof app on macOS using the same ops workflow or via bridge endpoints exposed by Proof.app.

When to Use It

  • Create a new Proof doc and generate a shareable URL for teammates using the web API.
  • Read a shared document's current state and cursor position via the state endpoint.
  • Comment on text, reply to or resolve comments, and propose edits using the provided JSON ops.
  • Suggest replacements, perform bulk rewrites, or manage insertions/deletions across the document.
  • Review or edit documents through the macOS Proof app via the Local Bridge (http://localhost:9847).

Quick Start

  1. Create a shared markdown document via the Web API: curl -X POST https://www.proofeditor.ai/share/markdown -H "Content-Type: application/json" -d '{"title":"My Doc","markdown":"# Hello\n\nContent here."}'
  2. Read or edit the document using the slug and token from the create response, e.g., POST to https://www.proofeditor.ai/api/agent/{slug}/ops with appropriate payload and headers.
  3. Optionally connect the macOS Proof app via the Local Bridge at http://localhost:9847 to manage documents with Proof.app.

Best Practices

  • Always use the tokenUrl from the create response as the shareable link and pass the access token when authenticating edits.
  • Rely on the _links state/ops URLs from the create response to navigate the correct API endpoints, not hard-coded paths.
  • For protected docs, authenticate with x-share-token or Authorization: Bearer <token> as documented.
  • Prefer rewrite.apply for bulk replacements; for single edits use comment and suggestion ops, and avoid insert kind on the web endpoint.
  • If using the Local Bridge, include required headers (X-Agent-Id, Content-Type, X-Window-Id) and operate through the macOS Proof app.

Example Use Cases

  • Create a new markdown doc via POST to /share/markdown and share the tokenUrl with teammates.
  • Read the latest document state with GET https://www.proofeditor.ai/api/agent/{slug}/state using the token.
  • Add a comment: {"op": "comment.add", "quote": "text to comment on", "by": "ai:<agent-name>", "text": "Your comment here"}.
  • Suggest an edit: {"op": "suggestion.add", "kind": "replace", "quote": "old text", "by": "ai:<agent-name>", "content": "new text"}.
  • Open and edit via Local Bridge in Proof.app at http://localhost:9847, using endpoints like /windows, /state, /marks, or /marks/suggest-replace.
