← Back to Skills Marketplace
40
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install 1password-browser-login
Description
从 1Password 取出账号密码,用无头浏览器自动登录目标网站,然后根据用户需求操作页面。 适用场景:用户说"帮我登录 xxx 然后做 yyy"、"用 1Password 登录 xxx"、"从 1Password 取 xxx 的账号登录并下载数据/截图/抓取内容"等。 前提:系统已安装 1Password C...
README (SKILL.md)
1Password Browser Login
从 1Password 取凭证,无头浏览器自动登录,执行用户指定任务。
前提检查
source ~/.zshrc 2>/dev/null && op whoami 2>&1
若失败,提示用户配置 OP_SERVICE_ACCOUNT_TOKEN。
执行流程
Step 1:解析意图
从用户消息提取:
ITEM_NAME:1Password 中的 item 名称TASK:登录后要做什么
ITEM_NAME 不明确时,列出所有可用 item 让用户选:
source ~/.zshrc 2>/dev/null && op item list --format json 2>&1
Step 2:取凭证
服务账户必须指定 vault,先列出:
source ~/.zshrc 2>/dev/null && op vault list --format json 2>&1
取 item 详情:
source ~/.zshrc 2>/dev/null && op item get "\x3CITEM_NAME>" --vault "\x3CVAULT_NAME>" --format json 2>&1
从 JSON 中提取:
fields[]中purpose=USERNAME的value→ usernamefields[]中purpose=PASSWORD的value→ passwordurls[0].href→ 登录页 URL
⚠️ 安全规则:
- 禁止将 password 打印到回复或日志
- 禁止将凭证写入任何文件
- 回复用户只说"已从 1Password 取得凭证"
Step 3:浏览器登录
browser open url=\x3C登录页URL>
browser snapshot → 找用户名输入框、密码输入框、登录按钮的 ref
browser act kind=type ref=\x3C用户名框> text=\x3Cusername>
browser act kind=type ref=\x3C密码框> text=\x3Cpassword>
browser act kind=click loadState=networkidle ref=\x3C登录按钮>
browser snapshot → 确认已离开登录页(登录成功)
Step 4:执行任务
| 任务类型 | 操作 |
|---|---|
| 截图 | browser screenshot → 保存到 ./downloads/ → MEDIA:./downloads/文件名 发给用户 |
| 抓页面数据 | browser snapshot → 解析内容 → 整理回复 |
| 下载文件 | browser act kind=click 触发下载 → exec 找到文件移到 workspace → MEDIA: 发送 |
| 导航后操作 | browser navigate url=\x3C目标页> → 再截图/抓数据/下载 |
结果文件保存路径:./downloads/YYYY-MM-DD_\x3C网站名>_\x3C描述>.\x3C扩展名>
错误处理
| 错误 | 处理 |
|---|---|
| item 不存在 | 列出所有 item,让用户确认名称 |
| vault 无权限 | 提示在 1Password 后台给服务账户授权该 vault |
| 登录失败(密码错误) | 截图当前页,告知用户 |
| 需要 2FA | 告知不支持,需用户手动处理 |
| CAPTCHA | 截图,告知用户需手动完成验证 |
| 找不到输入框 | 截图,让用户描述表单位置 |
示例
用户: 帮我登录 MyApp 然后截个首页截图
- ITEM_NAME="MyApp",TASK="截首页截图"
- 取凭证 → browser 登录 → screenshot → 发给用户
用户: 用 1Password 登录 GitHub 下载最新 release
- ITEM_NAME="GitHub",TASK="下载最新 release"
- 取凭证 → 登录 → 导航到 releases 页 → 点击下载 → 发文件
Usage Guidance
Install only if you trust this skill with password-manager-backed logins. Before using it, create a narrowly scoped 1Password service account, confirm the exact vault/item/site/task every time, avoid broad or sensitive vault access, and require explicit approval before downloads, screenshots, or any account-changing browser action.
Capability Analysis
Type: OpenClaw Skill
Name: 1password-browser-login
Version: 1.1.0
The skill automates website logins by retrieving credentials from 1Password via the 'op' CLI and sourcing the user's '~/.zshrc' to access service account tokens. While the instructions in SKILL.md include explicit safety rules to avoid logging or saving passwords, the practice of sourcing shell configuration files and the broad capability to list and retrieve any vault item represent high-risk behaviors that could be exploited to access sensitive data beyond the user's immediate request.
Capability Assessment
Purpose & Capability
The purpose is coherent with the name and description: SKILL.md says “从 1Password 取凭证,无头浏览器自动登录,执行用户指定任务”, but that purpose necessarily grants access to password-manager items and authenticated web sessions.
Instruction Scope
SKILL.md frames actions as user-requested and includes password handling rules, but the post-login scope is broad: it says “根据用户需求操作页面” and lists screenshot, page scraping, download, and navigation workflows.
Install Mechanism
There is no install spec or code, and the metadata says “Required binaries: none” and “Required env vars: none”, while SKILL.md requires the 1Password CLI “op” and “OP_SERVICE_ACCOUNT_TOKEN” in “~/.zshrc”.
Credentials
SKILL.md instructs use of “op item list”, “op vault list”, and “op item get ... --format json” to retrieve USERNAME/PASSWORD fields; that is high-impact password-vault access without artifact-level limits on vault, site, or task scope.
Persistence & Privilege
The skill depends on a persistent service-account token in a shell profile—SKILL.md says “OP_SERVICE_ACCOUNT_TOKEN 已配置在 ~/.zshrc”—but metadata declares “Primary credential: none” and “Required env vars: none”.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install 1password-browser-login - After installation, invoke the skill by name or use
/1password-browser-login - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
移除示例中的真实网址和隐私内容,补全 YAML frontmatter,符合 AgentSkills 规范
v1.0.0
Auto-login to any website using 1Password credentials via headless browser
Metadata
Frequently Asked Questions
What is 1Password Browser Login?
从 1Password 取出账号密码,用无头浏览器自动登录目标网站,然后根据用户需求操作页面。 适用场景:用户说"帮我登录 xxx 然后做 yyy"、"用 1Password 登录 xxx"、"从 1Password 取 xxx 的账号登录并下载数据/截图/抓取内容"等。 前提:系统已安装 1Password C... It is an AI Agent Skill for Claude Code / OpenClaw, with 40 downloads so far.
How do I install 1Password Browser Login?
Run "/install 1password-browser-login" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 1Password Browser Login free?
Yes, 1Password Browser Login is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 1Password Browser Login support?
1Password Browser Login is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 1Password Browser Login?
It is built and maintained by Ricky (@tujinsama); the current version is v1.1.0.
More Skills