SSH OP
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill has a legitimate 1Password-backed SSH purpose, but the reviewed package is missing the main key-handling executable while still asking to use an SSH private key and modify SSH configuration.
Install only after the missing `scripts/ssh-op` file is supplied and reviewed, because that file would handle your private SSH key. If you proceed, use a narrowly scoped 1Password item or service account, review any SSH config snippets before applying them, and do not rely on the no-key-on-disk claim until the actual executable has been inspected.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may be asked to trust or symlink a missing, unreviewed program for handling an SSH private key.
This is the central helper that would read the 1Password private key and run SSH, but the provided file manifest does not include `scripts/ssh-op`, leaving the security-sensitive executable unavailable for review.
Canonical executable lives inside the skill: `~/.openclaw/skills/ssh-op/scripts/ssh-op`
Do not use this skill until the actual `scripts/ssh-op` executable is included and reviewed; the package should also declare its required binaries and credential expectations.
If configured, the skill can authenticate to remote systems using the selected SSH identity.
The skill intentionally uses 1Password account access or a service account token to retrieve an SSH private key and load it into ssh-agent.
loads an SSH key from 1Password via `op read ... | ssh-add -` ... `OP_SERVICE_ACCOUNT_TOKEN` is set
Use a least-privileged 1Password item or service account, verify the key fingerprint, and avoid exposing `OP_SERVICE_ACCOUNT_TOKEN` unnecessarily.
Host aliases or SSH options added by this skill can change how future SSH commands connect.
The optional helper writes a managed block into the user's SSH config, which is purpose-aligned but affects future SSH connection behavior.
ssh_dir = Path.home() / ".ssh"; config_path = ssh_dir / "config"; config_path.write_text(updated, encoding="utf-8")
Review the `hosts.conf` content before running the helper and keep a backup of `~/.ssh/config`.