Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
1password 1.0.1.Zip
v1.0.0Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...
⭐ 0· 74·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name, description, required binary (op), and the brew install (1password-cli -> op) match the stated purpose of configuring and using the 1Password CLI.
Instruction Scope
SKILL.md tells the agent to create tmux sessions, drive interactive signin, capture the tmux pane, and then kill the session. Capturing pane contents can include secrets if commands that output secrets are run; the instructions do warn not to paste secrets, but the skill still automates reading TTY output. The instructions also reference a CLAWDBOT_TMUX_SOCKET_DIR environment variable and 'tmux skill' conventions that are not declared in requires.env, so the skill relies on implicit agent environment/state.
Install Mechanism
Install uses Homebrew formula '1password-cli' to provide 'op' — a standard, low-risk distribution channel for this CLI.
Credentials
The skill declares no required env vars or credentials (appropriate for a CLI wrapper). However, the runtime examples reference CLAWDBOT_TMUX_SOCKET_DIR (an implicit env var) and TMPDIR; referencing undeclared agent-specific env vars is a mismatch and deserves attention. No external credentials are requested by the skill.
Persistence & Privilege
always:false and no install-time modifications beyond installing the CLI are requested. The skill does not request persistent/global privileges or modify other skills' configurations.
What to consider before installing
This skill appears to do what it says (set up and run the 1Password CLI) and installs the official brew formula, but there are operational details to review before installing:
- The runtime instructions automate interactive sign-in inside tmux and explicitly capture tmux pane output. Captured output can include secrets if the agent or a user runs commands that reveal them. Only proceed if you trust the agent's handling of captured output and logs.
- The SKILL.md references CLAWDBOT_TMUX_SOCKET_DIR (an agent-specific env var) but the skill doesn't declare or document required env vars—confirm what agent environment variables the skill expects and whether exposing or creating the socket directory is safe in your environment.
- The guardrails (don’t paste secrets into chat, prefer op run/op inject) are good, but automated capture increases risk. Consider running 1Password sign-in manually instead of letting the skill drive it, or restrict the skill from autonomous invocation if your platform allows.
- The install uses a Homebrew formula (low risk), but verify the brew formula source is official in your environment.
If you want to proceed: limit the skill’s permissions, avoid letting it run autonomously for sensitive flows, and prefer manual sign-in for initial authorization. If you can provide or review additional logs of a dry run (what the agent would capture) I could reassess with higher confidence.Like a lobster shell, security has layers — review code before you run it.
latestvk97dz7bepxps8cxjv6zz5xad2s83npzj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔐 Clawdis
Binsop
Install
Install 1Password CLI (brew)
Bins: op
brew install 1password-cli