Skill v1.0.0

ClawScan security

1password 1.0.1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 3:51 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and instructions match its stated purpose (installing and using the 1Password CLI); nothing requests unrelated credentials or suspicious installs, though a couple of operational details deserve attention.
Guidance
This skill appears to do what it says: help install and use the official 1Password CLI. Before installing, confirm you trust the Homebrew formula source and your environment's Homebrew configuration. Pay attention to the tmux workflow: the instructions capture tmux pane output (capture-pane), which can include sensitive text if a command prints secrets. If you run this in an automated agent or CI, ensure captured output is not transmitted to external logs or chat; prefer op run/op inject as recommended. Also note the skill references a CLAWDBOT_TMUX_SOCKET_DIR convention (and TMPDIR) — if you don't want socket files in /tmp, set CLAWDBOT_TMUX_SOCKET_DIR to a controlled directory. If any part of the tmux flow or captured output makes you uncomfortable, run the signin and verification interactively instead.

Review Dimensions

Purpose & Capability
ok: Name/description match what is required: the skill installs/uses the 1Password CLI (op). Requiring the 'op' binary and offering a Homebrew install for the official 1password-cli formula is coherent and proportionate for this purpose.
Instruction Scope
note: Instructions are largely limited to installing, signing in, and verifying with op. They require running op inside a fresh tmux session and capture the tmux pane output. Capturing pane output may include sensitive output if commands emit secrets; the SKILL.md warns not to paste secrets but does not explicitly instruct filtering of captured output. The skill also references CLAWDBOT_TMUX_SOCKET_DIR (a convention) without declaring it in requires.env.
Install Mechanism
ok: Install spec uses Homebrew formula '1password-cli' which is an expected, low-risk distribution mechanism for macOS/Linux; no downloads from untrusted URLs or arbitrary archives are used.
Credentials
note: The skill declares no required credentials or env vars, which fits a CLI helper. It references the CLAWDBOT_TMUX_SOCKET_DIR/TMPDIR variable to place tmux sockets — these are operational conventions rather than secret credentials, but they are not listed in requires.env.
Persistence & Privilege
ok: 'always' is false and the skill is user-invocable; it does not request permanent/always-on privileges or attempt to modify other skills or system-wide settings.