Back to skill

Security audit

1Password Cli For Agents

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward guide for using the 1Password CLI with an agent, but it can expose or change secrets if you give it a service account token.

Install only if you want an agent to access 1Password through a service account. Use a dedicated vault, grant least-privilege access, keep `OP_SERVICE_ACCOUNT_TOKEN` out of logs and repositories, and require explicit confirmation before create, edit, or delete actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documents a permanent delete operation for secrets without any warning about irreversibility, confirmation steps, or guidance to verify the target vault/item first. In an agent context, this increases the risk of accidental or prompt-induced deletion of credentials or records from a secrets vault, causing operational disruption and possible loss of access.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.