← Back to Skills Marketplace
zhaozewen0519

1password.Bak

by zhaozewen0519 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
197
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install 1password-bak
Description
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...
README (SKILL.md)

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)
  • references/cli-examples.md (real op examples)

Workflow

  1. Check OS + shell.
  2. Verify CLI present: op --version.
  3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
  4. REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
  5. Sign in / authorize inside tmux: op signin (expect app prompt).
  6. Verify access inside tmux: op whoami (must succeed before any secret read).
  7. If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

  • Never paste secrets into logs, chat, or code.
  • Prefer op run / op inject over writing secrets to disk.
  • If sign-in without app integration is needed, use op account add.
  • If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
  • Do not run op outside tmux; stop and ask if tmux is unavailable.
Usage Guidance
This skill is coherent for installing and using the 1Password CLI. Before installing or running it: 1) verify you trust the Homebrew formula source (official 1Password/Homebrew tap), 2) run the sign-in steps in an isolated environment so you don't accidentally expose secrets to logs or shared tmux sockets, and 3) prefer op inject/op run patterns over printing secrets to the terminal. Be cautious with the SKILL.md's capture-pane step — it can capture output that might accidentally include sensitive data; modify or omit that capture if you will run commands that print secrets.
Capability Analysis
Type: OpenClaw Skill Name: 1password-bak Version: 1.0.0 The skill mandates wrapping all 1Password CLI (op) operations within tmux sessions and using 'capture-pane' to retrieve output (SKILL.md), which is a high-risk pattern that can lead to sensitive credentials being inadvertently stored in tmux buffers and agent logs. It also specifies a hardcoded socket directory in /tmp (/tmp/clawdbot-tmux-sockets) without explicit permission hardening, which could allow local session hijacking. While these appear to be technical workarounds for non-interactive shell limitations, the combination of complex session management and secret handling is inherently risky.
Capability Assessment
Purpose & Capability
Name/description: 1Password CLI setup and usage. Declared requirement: op binary and an install path via Homebrew formula '1password-cli' which produces the 'op' binary — this is exactly what the skill needs and nothing extraneous is requested.
Instruction Scope
SKILL.md is instruction-only and stays on-task (install/enable app integration, signin, run/read/inject secrets). It requires running op inside a fresh tmux session and even captures the pane output; while reasonable to automate sign-in checks, capture-pane can include sensitive terminal output if secrets are printed. The file also references env vars like CLAWDBOT_TMUX_SOCKET_DIR and OP_ACCOUNT (typical but not declared). Follow the guardrails (do not print secrets, prefer op inject/run) and avoid capturing commands that emit secrets.
Install Mechanism
Install spec uses Homebrew formula '1password-cli' to provide the 'op' binary. This is a standard, low-risk package source for macOS/Linux that is proportionate to the stated purpose.
Credentials
The skill declares no required credentials or config paths. Its occasional references to common env vars (OP_ACCOUNT, TMPDIR-like variables, CLAWDBOT_TMUX_SOCKET_DIR) are operational conveniences, not secret requests. No unrelated credentials or high-privilege environment access are requested.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent/system-wide changes or cross-skill configuration. Autonomous invocation is allowed (platform default) but not combined with other red flags.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install 1password-bak
  3. After installation, invoke the skill by name or use /1password-bak
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of 1password-bak skill. - Guides setup and use of 1Password CLI (op), including installation and account sign-in. - Enforces use of a dedicated tmux session for all CLI operations, with detailed workflow. - Includes references for get-started steps and real CLI examples. - Built-in guardrails to protect secrets and ensure secure CLI usage. - Brew-based installation instructions provided.
Metadata
Slug 1password-bak
Version 1.0.0
License MIT-0
All-time Installs 3
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is 1password.Bak?

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/... It is an AI Agent Skill for Claude Code / OpenClaw, with 197 downloads so far.

How do I install 1password.Bak?

Run "/install 1password-bak" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 1password.Bak free?

Yes, 1password.Bak is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 1password.Bak support?

1password.Bak is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 1password.Bak?

It is built and maintained by zhaozewen0519 (@zhaozewen0519); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments