← Back to Skills Marketplace
Vaultwarden Secrets
by
Morten Bojer
· GitHub ↗
· v1.0.1
· MIT-0
117
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install vaultwarden-skill
Description
Manage Vaultwarden secrets with wrapper scripts for session handling, caching, logging, and scoped read/write operations in collections or personal vaults.
Usage Guidance
This skill appears to implement the advertised Vaultwarden wrappers, but the registry metadata and SKILL.md disagree: the scripts require the Bitwarden CLI (bw) and jq plus sensitive env vars (BW_CLIENTID, BW_CLIENTSECRET, BW_PASSWORD) even though the registry lists none. Before installing: 1) verify and accept installing/using bw CLI (SKILL.md pins an older version 2023.10.0) and install jq; 2) do not supply your real secrets until you confirm the server URL and have reviewed the scripts — they write session tokens and logs to disk (defaults: /run/openclaw/vw and /var/log/openclaw/vaultwarden.log); change VW_SESSION_DIR and VW_LOG_FILE to secure locations if needed and ensure log file permissions are restricted; 3) consider testing in a non-production environment and audit that logs do not leak secret values; 4) ask the publisher to update registry metadata to list required binaries and environment variables (the current mismatch is a red flag).
Capability Assessment
Purpose & Capability
The skill claims to manage Vaultwarden secrets and the scripts do that, but the package metadata declares no required binaries or environment variables while SKILL.md and the scripts require the Bitwarden CLI (bw), jq, and BW_CLIENTID/BW_CLIENTSECRET/BW_PASSWORD plus optional VW_* env vars. The metadata omission is an incoherence — a user installing this skill would legitimately need bw and jq and the listed env vars.
Instruction Scope
Runtime instructions and scripts are narrowly scoped to call the bw CLI and jq and to read/write session, cache, and log files under $VW_SESSION_DIR and VW_LOG_FILE. The scripts do not contain obvious network calls beyond bw (which communicates with the configured Vaultwarden server). However SKILL.md recommends a specific server URL (https://vaultwarden.mbojer.dk) as the example; ensure you configure your intended server. The scripts also write logs (names/IDs/operation outcomes) and session tokens to disk, which is expected for this purpose but should be reviewed for exposure risk.
Install Mechanism
This is instruction-only (no install spec), but SKILL.md instructs users to globally install a pinned bw CLI via npm (npm install -g @bitwarden/[email protected]). The scripts also require jq, but SKILL.md/registry metadata do not explicitly declare jq as a prerequisite. The missing dependency declarations and requirement to install a specific (older) CLI version are mismatches that users should validate before following.
Credentials
The skill requires sensitive env vars (BW_CLIENTID, BW_CLIENTSECRET, BW_PASSWORD) which are proportionate to logging in/unlocking Vaultwarden, but the registry metadata lists no required env vars — an inconsistency. Defaults for session and log paths (/run/openclaw/vw, /var/log/openclaw/vaultwarden.log) may require elevated permissions and could expose metadata if the log file is not properly protected. The number of env vars is reasonable for the stated purpose but must be handled securely.
Persistence & Privilege
The skill is user-invocable, not always-enabled, and allows normal autonomous invocation. It stores session tokens and caches in its own session directory and does not modify other skills or global agent configuration. No excessive persistence privileges are requested.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install vaultwarden-skill - After installation, invoke the skill by name or use
/vaultwarden-skill - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Remove SSH key scripts (bw 2023.10.0 cipher bug with multiline content). Personal vault fallback working. Session persistence and caching intact.
v1.0.0
Initial release: wrapper scripts for bw CLI with session persistence, caching, and personal vault fallback
Metadata
Frequently Asked Questions
What is Vaultwarden Secrets?
Manage Vaultwarden secrets with wrapper scripts for session handling, caching, logging, and scoped read/write operations in collections or personal vaults. It is an AI Agent Skill for Claude Code / OpenClaw, with 117 downloads so far.
How do I install Vaultwarden Secrets?
Run "/install vaultwarden-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Vaultwarden Secrets free?
Yes, Vaultwarden Secrets is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Vaultwarden Secrets support?
Vaultwarden Secrets is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Vaultwarden Secrets?
It is built and maintained by Morten Bojer (@mbojer); the current version is v1.0.1.
More Skills