Lap 1password Connect

1Password Connect API skill. Use when working with 1Password Connect for activity, vaults, heartbeat. Covers 15 endpoints.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 22 · 0 current installs · 0 all-time installs

by@mickmicksh

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name/description map to a 1Password Connect API helper. The single required environment variable (1PASSWORD_CONNECT_API_KEY) is appropriate for this API-focused skill and there are no unrelated binaries, installs, or config paths requested.

ℹ

Instruction Scope

The SKILL.md documents 15 Connect endpoints and tells the agent to set an Authorization Bearer header and call the local Connect base URL (http://localhost:8080/v1). It does not instruct reading unrelated files or additional env vars. Minor issues: the Auth section shows the placeholder text "Bearer bearer" (which may confuse callers) and the doc repeatedly references a local file references/api-spec.lap that is not included; the base URL is hard-coded to localhost which is typical for 1Password Connect but may require user configuration if the Connect server is remote.

✓

Install Mechanism

No install spec and no code files — the skill is instruction-only and does not download or write code to disk, which is low-risk.

✓

Credentials

Only one sensitive env var is declared (1PASSWORD_CONNECT_API_KEY), which is expected for this integration. There are no additional unrelated credentials or config paths requested. Note: SKILL.md doesn't explicitly show how the token should be read (it expects a Bearer header), but that is consistent with the declared env var.

✓

Persistence & Privilege

The skill is not always-enabled and does not request elevated system presence. Autonomous invocation is allowed (platform default) but not combined with other red flags.

Assessment

This skill appears to be what it says: a 1Password Connect API helper that expects a Connect API key. Before installing, make sure: (1) you actually run a 1Password Connect server reachable at the base URL (default here is http://localhost:8080/v1) or edit the base URL to your server; (2) you provide a minimally-privileged 1PASSWORD_CONNECT_API_KEY (rotate/revoke if unsure); (3) you understand the agent will be able to call any documented endpoints and therefore could retrieve or modify vault items if given the token — don't supply a broadly-scoped or long-lived token unless you intend that; (4) the SKILL.md references a missing references/api-spec.lap file and shows a placeholder "Bearer bearer" value — verify that the agent runtime actually uses your 1PASSWORD_CONNECT_API_KEY rather than a literal placeholder. If any of these items are unacceptable, do not install or grant the API key until you adjust configuration or token scope.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk9706ck6t63ztehcxng5aqb4p9831mx1

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Env1PASSWORD_CONNECT_API_KEY

SKILL.md

1Password Connect

API version: 1.7.1

Auth

Bearer bearer

Base URL

http://localhost:8080/v1

Setup

Set Authorization header with your Bearer token
GET /activity -- verify access
POST /vaults/{vaultUuid}/items -- create first items

Endpoints

15 endpoints across 5 groups. See references/api-spec.lap for full details.

activity

Method	Path	Description
GET	/activity	Retrieve a list of API Requests that have been made.

vaults

Method	Path	Description
GET	/vaults	Get all Vaults
GET	/vaults/{vaultUuid}	Get Vault details and metadata
GET	/vaults/{vaultUuid}/items	Get all items for inside a Vault
POST	/vaults/{vaultUuid}/items	Create a new Item
GET	/vaults/{vaultUuid}/items/{itemUuid}	Get the details of an Item
PUT	/vaults/{vaultUuid}/items/{itemUuid}	Update an Item
DELETE	/vaults/{vaultUuid}/items/{itemUuid}	Delete an Item
PATCH	/vaults/{vaultUuid}/items/{itemUuid}	Update a subset of Item attributes
GET	/vaults/{vaultUuid}/items/{itemUuid}/files	Get all the files inside an Item
GET	/vaults/{vaultUuid}/items/{itemUuid}/files/{fileUuid}	Get the details of a File
GET	/vaults/{vaultUuid}/items/{itemUuid}/files/{fileUuid}/content	Get the content of a File

heartbeat

Method	Path	Description
GET	/heartbeat	Ping the server for liveness

health

Method	Path	Description
GET	/health	Get state of the server and its dependencies.

metrics

Method	Path	Description
GET	/metrics	Query server for exposed Prometheus metrics

Common Questions

Match user requests to endpoints in references/api-spec.lap. Key patterns:

"List all activity?" -> GET /activity
"List all vaults?" -> GET /vaults
"Get vault details?" -> GET /vaults/{vaultUuid}
"List all items?" -> GET /vaults/{vaultUuid}/items
"Create a item?" -> POST /vaults/{vaultUuid}/items
"Get item details?" -> GET /vaults/{vaultUuid}/items/{itemUuid}
"Update a item?" -> PUT /vaults/{vaultUuid}/items/{itemUuid}
"Delete a item?" -> DELETE /vaults/{vaultUuid}/items/{itemUuid}
"Partially update a item?" -> PATCH /vaults/{vaultUuid}/items/{itemUuid}
"List all files?" -> GET /vaults/{vaultUuid}/items/{itemUuid}/files
"Get file details?" -> GET /vaults/{vaultUuid}/items/{itemUuid}/files/{fileUuid}
"List all content?" -> GET /vaults/{vaultUuid}/items/{itemUuid}/files/{fileUuid}/content
"List all heartbeat?" -> GET /heartbeat
"List all health?" -> GET /health
"List all metrics?" -> GET /metrics
"How to authenticate?" -> See Auth section

Response Tips

Check response schemas in references/api-spec.lap for field details
List endpoints may support pagination; check for limit, offset, or cursor params
Create/update endpoints typically return the created/updated object

References

Full spec: See references/api-spec.lap for complete endpoint details, parameter tables, and response schemas

Generated from the official API spec by LAP

Files

1 total

Select a file

Select a file to preview.

Comments

Loading comments…