ClawHub

Safe Bitwarden Cli

v1.6.0

Industrial-grade secure bridge to Bitwarden. Copy passwords and TOTP codes with Zero-trust kernel-level piping.

0· 90·1 current·1 all-time
by@chyern

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chyern/safe-bitwarden-cli.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Safe Bitwarden Cli" (chyern/safe-bitwarden-cli) from ClawHub.
Skill page: https://clawhub.ai/chyern/safe-bitwarden-cli
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: bash, python3, bw, pbcopy, clip, xclip, wl-copy
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install safe-bitwarden-cli

ClawHub CLI

Package manager switcher

npx clawhub@latest install safe-bitwarden-cli
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is a clipboard proxy for Bitwarden and requires the Bitwarden CLI and a BW_SESSION token to function — this is coherent with its description. Note: the registry header listed "Required env vars: none" while SKILL.md and manifest.json declare BW_SESSION; that mismatch should be resolved (BW_SESSION is legitimately required).
Instruction Scope
SKILL.md and scripts/main.sh limit behavior to: verify binaries, list/search non-sensitive item metadata, and pipe bw get password/totp output directly to the native clipboard. The script does not read other system files, contact external endpoints, or attempt to persist credentials; the scope is narrow and consistent.
Install Mechanism
This is an instruction-only skill with a bundled bash script and no install spec. It relies on existing system binaries (bw, pbcopy/clip/xclip/wl-copy, python3). No downloads or archive extraction are performed.
Credentials
The only sensitive environment material used is BW_SESSION (Bitwarden session token), which is appropriate and required for the Bitwarden CLI to return secrets. There are no unrelated TOKEN/KEY/PASSWORD env vars requested. Again, verify and correct the registry metadata that claimed there were no required env vars.
Persistence & Privilege
The skill does not request 'always' presence and does not modify other skills or system-wide agent settings. It runs on-demand via the provided script; autonomous invocation is allowed (platform default) but not elevated.
Assessment
This skill appears to do exactly what it claims: search your Bitwarden vault and pipe passwords or TOTP codes directly to your OS clipboard using the Bitwarden CLI. Before installing, verify the following: (1) The manifest and SKILL.md both require BW_SESSION — ensure you are comfortable exporting a Bitwarden session token into your environment and that you only export it in a secure shell session. (2) Inspect scripts/main.sh yourself (it's short and readable) to confirm there are no modifications to other config or network calls. (3) Understand clipboard risk: once a secret is copied, other local apps or utilities (clipboard history managers, remote desktop sessions, clipboard-monitoring malware) could read it — consider setting a clipboard-clear policy after use. (4) Confirm you have the bw CLI and an appropriate native clipper (pbcopy/clip/xclip/wl-copy) on the devices you plan to use. (5) Fix the registry metadata discrepancy (it should declare BW_SESSION). If you require higher assurance, run the script locally in an isolated environment and test the 'setup', 'search', and 'copy' flows before granting the skill to an agent.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsbash, python3, bw, pbcopy, clip, xclip, wl-copy
latestvk97fr1npmxgee8nx59bhdgeyk984zq10
90downloads
0stars
23versions
Updated 1w ago
v1.6.0
MIT-0
@chyern
latest
Download

Safe Bitwarden CLI (Skill)

AUDIT TRANSPARENCY NOTICE:

  • Pure Shell: No Node.js runtime risk.
  • AI PASSWORD BLINDNESS: Passwords and TOTP codes flow directly to the system clipboard.
  • Zero Eval: Hardened binary invocation.

Positioning & Scope

This skill is a Hardened Native Clipboard Proxy.

  • Capabilities: Securely search items and copy Passwords or TOTP (2FA) codes directly to the native clipboard via OS-level streams.

Usage Guide

  1. Environment Setup:
    Run bash scripts/main.sh setup

    • Ensure BW_SESSION is exported locally.

  2. Search Items:
    Run bash scripts/main.sh search "<query>"

  3. Secure Password Copy:
    Run bash scripts/main.sh copy "<id>"

  4. Secure TOTP Copy:
    Run bash scripts/main.sh totp "<id>"

    • Pipes the 6-digit 2FA code directly to your native clipboard.

Comments

Loading comments...