ClawHub

rbw-bitwarden

v1.0.0

Unofficial Bitwarden CLI written in Rust. Manage passwords, TOTP codes, and secure notes from the terminal with a background agent for stateful sessions.

0· 37·0 current·0 all-time
byGuanM@sxhoio
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Bitwarden CLI) match the SKILL.md content: commands, configuration keys, device registration, SSH/clipboard integration and pinentry usage are all relevant to a CLI password manager.
Instruction Scope
SKILL.md only instructs the agent/user how to install, configure, and run rbw. It references expected environment variables and paths (RBW_PROFILE, XDG_RUNTIME_DIR, SSH_AUTH_SOCK, $VISUAL/$EDITOR, pinentry) that are necessary for the described features. There are no instructions to read unrelated system files, exfiltrate data, or contact unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing will be written or downloaded by the skill itself. Installation guidance points to normal distro/package managers and cargo, which is proportionate for this tool.
Credentials
The skill does not require any declared environment variables or credentials. The environment variables and paths mentioned in the docs (RBW_PROFILE, XDG_RUNTIME_DIR, SSH_AUTH_SOCK, $VISUAL/$EDITOR) are standard and justified by the described functionality (profiles, SSH integration, editor for adding/editing entries, pinentry for prompts).
Persistence & Privilege
always is false and the skill does not request system-wide persistence or modify other skills. Autonomous invocation is allowed (platform default) but the skill's instructions themselves do not request elevated or persistent privileges.
Assessment
This skill is an instruction-only wrapper describing how to use the rbw CLI; it does not install or ship code itself. Before using rbw: install the rbw binary from a trusted source (your distro package manager, Homebrew, or the project's official releases) and verify signatures where available. When registering a device you will provide your Bitwarden personal API key — only enter that on Bitwarden's official pages or when you trust the client binary. Be aware that using clipboard copy, SSH agent integration, or leaving the agent unlocked exposes secrets to the local environment (clipboard managers, SSH sessions); configure lock_timeout and profiles appropriately. Note: registry metadata showed no homepage while SKILL.md references the upstream repo (https://github.com/doy/rbw); this is a minor metadata inconsistency but does not affect the instructions. If you need higher assurance, inspect the actual rbw binary/package source before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cye0tg5s1mmdherq2y722qs84v96k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments