← Back to Skills Marketplace
maverick-software

1Password Web UI

by maverick-software · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1009
Downloads
0
Stars
2
Active Installs
1
Versions
Install in OpenClaw
/install 1password-ui
Description
1Password UI tab for OpenClaw dashboard. Manage secrets, credential mappings, and auth state from the Control UI.
README (SKILL.md)

1Password UI Extension

Adds a 1Password tab to the OpenClaw Control dashboard under the Tools group. Browse vaults, manage credential mappings for skills, and handle authentication — all from the web UI.

Features

Feature Description
Dashboard Tab "1Password" under Tools in sidebar
Connection Status See signed-in account, CLI/Connect mode
Sign In Flow Authenticate directly from the UI
Docker Support Works with 1Password Connect for containers
Credential Mappings Map 1Password items to skill configs

Agent Installation Prompt

To install this skill, give your agent this prompt:

Install the 1password-ui skill from ClawHub.

The skill is at: ~/clawd/skills/1password-ui/
Follow INSTALL_INSTRUCTIONS.md step by step.

Summary of changes needed:
1. Copy 1password-backend.ts to src/gateway/server-methods/1password.ts
2. Register handlers in server-methods.ts
3. Add "1password" tab to navigation.ts (TAB_GROUPS, Tab type, TAB_PATHS, icon, title, subtitle)
4. Add state variables to app.ts
5. Copy 1password-views.ts to ui/src/ui/views/1password.ts
6. Add view rendering to app-render.ts
7. Add tab loading to app-settings.ts
8. Build and restart: pnpm build && pnpm ui:build && clawdbot gateway restart

Prerequisites

For Local Installations (Ubuntu/Windows/macOS)

  1. 1Password CLI (op):

    # macOS/Linux
brew install 1password-cli

# Or from https://1password.com/downloads/command-line/

  2. CLI Integration enabled in 1Password app:

    • Settings → Developer → "Integrate with 1Password CLI" ✓

For Docker Installations

See Docker Setup below.

Usage

Sign In

  1. Open OpenClaw Dashboard → Tools1Password
  2. Click Sign In with 1Password
  3. Authorize in the 1Password app popup (or run op signin in terminal)
  4. Status shows "Connected" with your account

Credential Mappings

Once signed in, you can map 1Password items to skills:

  1. Skills like Pipedream can read credentials from 1Password
  2. Mappings are stored in ~/clawd/config/1password-mappings.json
  3. Format: { "skillId": { "item": "Item Name", "vault": "Private", "fields": {...} } }

Example: Pipedream with 1Password

# Store Pipedream credentials in 1Password
op item create --category="API Credential" --title="Pipedream Connect" \
  --vault="Private" \
  "client_id[text]=your_client_id" \
  "client_secret[password]=your_client_secret" \
  "project_id[text]=proj_xxxxx"

# Use in token refresh
PIPEDREAM_1PASSWORD_ITEM="Pipedream Connect" python3 ~/clawd/scripts/pipedream-token-refresh.py

Gateway RPC Methods

Method Description
1password.status Get CLI/Connect status, signed-in account
1password.signin Trigger sign-in flow
1password.signout Sign out of current session
1password.vaults List available vaults
1password.items List items in a vault
1password.getItem Get item field structure (not values)
1password.readSecret Read a secret (backend only)
1password.mappings.list Get skill → 1Password mappings
1password.mappings.set Create/update a mapping
1password.mappings.delete Remove a mapping
1password.mappings.test Test if a mapping works

Docker Setup (1Password Connect)

For Docker-based OpenClaw installations, use 1Password Connect instead of the CLI.

Step 1: Deploy 1Password Connect

# docker-compose.yml
services:
  op-connect-api:
    image: 1password/connect-api:latest
    ports:
      - "8080:8080"
    volumes:
      - ./1password-credentials.json:/home/opuser/.op/1password-credentials.json:ro
      - op-data:/home/opuser/.op/data

  op-connect-sync:
    image: 1password/connect-sync:latest
    volumes:
      - ./1password-credentials.json:/home/opuser/.op/1password-credentials.json:ro
      - op-data:/home/opuser/.op/data

volumes:
  op-data:

Step 2: Get Credentials

  1. Go to my.1password.com → Integrations → Secrets Automation
  2. Create a Connect server
  3. Download 1password-credentials.json
  4. Create an access token

Step 3: Configure OpenClaw

services:
  clawdbot:
    environment:
      - OP_CONNECT_HOST=http://op-connect-api:8080
      - OP_CONNECT_TOKEN=your-access-token

The UI automatically detects Connect mode.

Files Included

1password-ui/
├── SKILL.md                      # This file
├── INSTALL_INSTRUCTIONS.md       # Step-by-step installation
├── CHANGELOG.md                  # Version history
├── package.json                  # Skill metadata
├── reference/
│   ├── 1password-backend.ts      # Gateway RPC handlers
│   ├── 1password-views.ts        # UI view (Lit template)
│   ├── 1password-settings.ts     # Tab loading logic
│   └── 1password-plugin.ts       # Plugin registration (optional)
└── scripts/
    └── op-helper.py              # CLI/Connect bridge for skills

Security Considerations

✅ Safe by Design

Aspect Implementation
Secrets not in UI getItem and items return field names only, never values
No network installers No curl | sh or remote scripts — all code is local
Manual installation Requires explicit code edits, no automated patching
Mapping file perms 1password-mappings.json should be 0600 (contains references, not secrets)
CLI auth Uses 1Password app integration for biometric auth when available

⚠️ Documented Risks

Risk Mitigation
readSecret RPC available The 1password.readSecret method IS exposed via gateway RPC. This is intentional — skills need to read secrets. Security relies on: (1) 1Password requiring user auth, (2) gateway access control (loopback-only by default).
Gateway exposure All 1password.* methods are RPC calls. If you expose your gateway to the network, protect it with authentication.
Connect token In Docker mode, OP_CONNECT_TOKEN grants vault access. Keep it secure like any API key.

File Security

# Recommended permissions for mapping file
chmod 600 ~/clawd/config/1password-mappings.json

Troubleshooting

"1Password CLI Not Found"

brew install 1password-cli
# or download from 1password.com/downloads/command-line/

"Not signed in"

op signin
op whoami  # verify

Sign-in fails / "authorization denied"

  • Unlock the 1Password app
  • Enable CLI integration: Settings → Developer → "Integrate with 1Password CLI"

Docker: "connection refused"

docker ps | grep op-connect  # check containers running

Docker: "401 unauthorized"

  • Verify OP_CONNECT_TOKEN is set correctly
  • Check token hasn't expired

Support

Changelog

v1.1.0 (2025-02-11)

  • Full working implementation with dashboard UI
  • Sign-in flow from web interface
  • CLI and Connect mode support
  • Credential mapping system

v1.0.0 (2025-02-11)

  • Initial release with reference implementations
Usage Guidance
This package appears to implement a legitimate 1Password UI integration, but take the following precautions before installing: - Review the backend code (reference/1password-backend.ts and scripts/op-helper.py) yourself — they implement the readSecret RPC and network calls to OP_CONNECT_HOST. Confirm you understand when secrets may be returned and to whom. - Ensure your gateway RPC interface is not reachable from untrusted networks. The skill’s security model depends on gateway RPCs being loopback-only or otherwise strongly access-controlled. - Explicitly verify the presence of the 1Password CLI ('op') on systems that will use CLI mode; for Docker/connect mode, ensure OP_CONNECT_HOST and OP_CONNECT_TOKEN are only set when you intend that mode. The registry metadata does not declare these requirements — treat them as required for functionality. - Because installation requires editing core server files and restarting the gateway, test in an isolated environment or backup the codebase before applying changes. - Restrict permissions on ~/clawd/config/1password-mappings.json (recommended 0600) and audit which skills are allowed to call 1password.* RPCs after installation. If you want to proceed but are unsure, ask the maintainer for an explanation of gateway access controls and a minimal install path (e.g., plugin registration) that avoids editing core server files.
Capability Analysis
Type: OpenClaw Skill Name: 1password-ui Version: 1.0.0 The skill is classified as suspicious due to a critical shell injection vulnerability in `reference/1password-backend.ts`. The `opCommand` function uses `node:child_process.execAsync` with `args.join(" ")`, which is vulnerable to shell metacharacters if user-controlled input (e.g., `itemRef`, `field`, or `vault` from RPC parameters) is passed. Specifically, `cliReadSecret` constructs an `op://` URI string that is then passed as a single argument to `opCommand`, making it susceptible to injection if the string contains shell commands. Additionally, the skill's installation instructions in `SKILL.md` and `INSTALL_INSTRUCTIONS.md` require the AI agent to perform highly privileged actions, including modifying core OpenClaw source code and executing build/restart commands, which, while necessary for the skill's function, represent a significant attack surface.
Capability Assessment
Purpose & Capability
Name/description match the included code: UI views, gateway RPC handlers, and a CLI/Connect helper. Reading secrets (readSecret) and mapping storage are part of its stated capability. However the registry metadata declares no required binaries or env vars even though the code expects the 'op' CLI and optionally OP_CONNECT_HOST/OP_CONNECT_TOKEN for Connect mode — a mismatch between declared requirements and actual code.
Instruction Scope
The SKILL.md and INSTALL_INSTRUCTIONS require editing core OpenClaw source files (server-methods, navigation, app state) and restarting the gateway — i.e., the skill modifies the platform's server-side code. The backend exposes a gateway RPC (1password.readSecret) that returns secret values to callers; while the docs say secrets are not shown in the UI, the RPC can deliver secrets to other skills or callers. The instructions assume gateway RPCs are loopback-only; if the gateway is network-accessible, this expands the attack surface.
Install Mechanism
No remote installers or curl|sh pipelines are used; all code is included in the package and installation is manual (copy files, edit code, build). That lowers supply-chain risk compared with remote downloads. The op-helper.py and TypeScript files are local and readable.
Credentials
Registry metadata lists no required env vars, but code reads OP_CONNECT_HOST and OP_CONNECT_TOKEN for Connect mode and also relies on the external 'op' binary. Those are reasonable for the feature set, but the omission from the declared requirements is an inconsistency. Also, granting a gateway RPC that can read secrets means other skills or components with access to the gateway could request secret values if the gateway is not properly restricted.
Persistence & Privilege
Installation requires modifying core application source files and restarting the gateway, which is inherently high-privilege. The skill adds persistent RPC handlers to the gateway process; combined with the readSecret handler this increases the system-wide privilege surface. The skill is not set always:true, but its server-side handlers will run in the gateway process once installed.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install 1password-ui
  3. After installation, invoke the skill by name or use /1password-ui
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of 1Password UI skill for OpenClaw: - Adds a 1Password tab to the OpenClaw dashboard for managing secrets and credential mappings. - Supports sign-in, viewing vaults/items, and integrates with both 1Password CLI and Connect (Docker) modes. - Includes backend RPC handlers, UI views, and agent installation instructions. - Provides `op-helper.py` script for CLI/Connect bridging. - Removes previous script-based Ensue API integration.
Metadata
Slug 1password-ui
Version 1.0.0
License
All-time Installs 2
Active Installs 2
Total Versions 1
Frequently Asked Questions

What is 1Password Web UI?

1Password UI tab for OpenClaw dashboard. Manage secrets, credential mappings, and auth state from the Control UI. It is an AI Agent Skill for Claude Code / OpenClaw, with 1009 downloads so far.

How do I install 1Password Web UI?

Run "/install 1password-ui" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 1Password Web UI free?

Yes, 1Password Web UI is completely free (open-source). You can download, install and use it at no cost.

Which platforms does 1Password Web UI support?

1Password Web UI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 1Password Web UI?

It is built and maintained by maverick-software (@maverick-software); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments