hmm, thinking about it, did you try awokd's approach? I do something very similar for my QubesTV setup that I'm working on polishing, which works on scripts too, like we're doing here. The command may have to be adjusted a bit, but in general, it should work, even without xclip in dom0.
Actually, I'd go as far as to say it should most definitely work for xclip, while my scripts here are different, I've done it enough to tell it can work if modified correctly.
Either way, try awokd's command out, it will definitely work in one variant or different. The question is if require a bit of modification. For example, maybe use "qvm-run AppVM bash 'command to execute inside AppVM -o etc. lalala'" instead of say, "qvm-run AppVM gnome-terminal -e 'command to execute inside AppVM -o etc. lalala'".
For example I've seen a case where one when executed inside the AppVM, will open the executed QubesTV streaming link in the same browser, same tab, while the very same command inserted into the AppVM from dom0, would open up a whole new instance of Firefox, and thereby open a new window. Which, needless to say, doesn't work. The solution was to use bash for already running firefox, so that it won't start a new firefox instance. Hopefully you can use any of this to make qvm-run appvm "command" work.
In terms of security, I'm in the same boat, I can't say for sure. But I agree with the notion, that it "probably"? is secure due to the one direction flow of data.
@awokd
Most likely yes, I haven't seen a command that can't be run from dom0 yet, it just need a little spanki'... Ahem, love.
I haven't yet fully grasped why some commands behave different as they do when from dom0, compared to when same command is executed inside the AppVM. For example the bash example above. But I imagine, grasping this difference, one can probably execute anything from dom0.