ClawHub

1password

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
34 · 16.1k · 880 current installs · 905 all-time installs
byPeter Steinberger@steipete
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (1Password CLI usage) aligns with the runtime instructions which call `op`. However the SKILL.md contains embedded metadata that advertises a brew install (1password-cli) even though the registry install spec lists none — this mismatch should be reconciled. The required use of tmux for all `op` interactions is unusual but can be justified by terminal/auth flow concerns.
!
Instruction Scope
Instructions ask the agent to create tmux sockets, send keys to a tmux session, run interactive `op signin`/`op whoami`/`op vault list`, and then capture the tmux pane (capture-pane). Capturing pane output can expose secrets if any `op` command prints sensitive data; the document admonishes not to paste secrets but does not explicitly prevent capturing or transmitting pane contents. The SKILL.md also references an environment variable (CLAWDBOT_TMUX_SOCKET_DIR) that is not declared in the skill metadata.
Install Mechanism
This is an instruction-only skill (no install spec in registry, no code files), which is lower-risk. However the SKILL.md embedded metadata proposes a brew install entry for 1password-cli; that suggestion isn't reflected in the registry's install section — the discrepancy should be clarified. No remote archives or downloads are requested.
Credentials
The skill does not request credentials or config paths in the registry metadata, which is appropriate for a helper that relies on user-interactive `op` sign-in and desktop-app integration. It references CLAWDBOT_TMUX_SOCKET_DIR and TMPDIR defaults in examples (not declared as required), and will create socket paths under /tmp — benign but worth noting.
Persistence & Privilege
The skill is not always-enabled, does not request elevated persistence, and contains no install hooks that would alter other skills or global configuration. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
What to consider before installing
This skill appears to be what it says: runtime instructions for using the 1Password CLI. Before installing, confirm a few things: (1) reconcile the metadata mismatch — does the skill expect to install the CLI via brew or not? (2) understand that the skill runs `op` inside a tmux session and even captures the tmux pane; make sure the agent/environment will not log or transmit pane contents (which could include secrets). (3) verify you trust the agent to perform interactive sign-in flows with your desktop 1Password app. If you want to proceed, ensure 1Password CLI is installed from an official source, that tmux socket paths are confined to a safe directory, and that any captured terminal output is handled securely (never sent to chat/logs). If you need higher assurance, request the author clarify the install instructions and explicitly forbid capturing or exporting secret-bearing output.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk975511sv6n5xx1dsg44b2rqxh7yspxq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔐 Clawdis
Binsop

Install

Install 1Password CLI (brew)
Bins: op
brew install 1password-cli

SKILL.md

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)
  • references/cli-examples.md (real op examples)

Workflow

  1. Check OS + shell.
  2. Verify CLI present: op --version.
  3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
  4. REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
  5. Sign in / authorize inside tmux: op signin (expect app prompt).
  6. Verify access inside tmux: op whoami (must succeed before any secret read).
  7. If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

  • Never paste secrets into logs, chat, or code.
  • Prefer op run / op inject over writing secrets to disk.
  • If sign-in without app integration is needed, use op account add.
  • If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
  • Do not run op outside tmux; stop and ask if tmux is unavailable.

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…