Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns.

Name: Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns.
Author: tripleight

by Denis Pisarev · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

510

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install rbw

Description

Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts...

Usage Guidance

This skill's instructions are coherent with its goal (non-interactive rbw usage) but they ask you to store your Bitwarden master password in plaintext and rely on an undeclared RBW_MASTER_PASSWORD environment variable and an /etc systemd file. Before using/installing: (1) verify the rbw binary and other tools (pinentry, jq, curl) are from trusted sources; (2) prefer safer non-interactive patterns if possible (systemd LoadCredential=, OS keyring, hardware token, or ephemeral service accounts) instead of plaintext files; (3) if you must use the provided pattern, restrict the credential file to root:root 600 and minimize who can read/modify systemd unit files; (4) confirm you trust the skill source (homepage unknown) and test in an isolated environment first; (5) consider editing the SKILL.md or your deployment to declare RBW_MASTER_PASSWORD explicitly and to document audit/trust controls. If you need, ask for a version that uses a recommended secure alternative (systemd LoadCredential or an external secret provider) instead of plaintext credentials.

Capability Analysis

Type: OpenClaw Skill Name: rbw Version: 1.0.0 The skill bundle is designed to interact with the `rbw` CLI for Bitwarden/Vaultwarden. While its primary purpose is legitimate, the `SKILL.md` documentation provides explicit instructions for a non-interactive authentication method that involves storing the master password in plaintext within `/etc/systemd/rbw-credentials.conf` and using a custom `pinentry` script. Although the documentation includes a 'Security note' warning about this trade-off, instructing an AI agent to implement such a configuration constitutes a significant security risk, making the skill suspicious due to promoting a high-risk vulnerability.

Capability Assessment

✓ Purpose & Capability

The skill's name/description (non-interactive rbw usage) aligns with the SKILL.md content: commands, get/list/add, and systemd/script integration are all relevant to the stated purpose.

⚠ Instruction Scope

The runtime instructions tell the operator/agent to create a pinentry wrapper that reads RBW_MASTER_PASSWORD and to store the master password in /etc/systemd/rbw-credentials.conf (plaintext), and to configure systemd EnvironmentFile. The SKILL.md therefore instructs reading/writing system-level files and using an environment variable not declared in the skill metadata. These actions go beyond simply invoking rbw and involve system-wide sensitive state.

✓ Install Mechanism

This is instruction-only (no install spec, no binaries shipped). That minimizes install-time risk because nothing is downloaded or written by an installer, but it assumes rbw/pinentry/jq/curl are available on the host.

⚠ Credentials

The SKILL.md relies on the RBW_MASTER_PASSWORD environment variable and on an EnvironmentFile under /etc/systemd, but the skill metadata declares no required env vars or credentials. Requiring a master password (and storing it as plaintext) is functionally consistent with non-interactive unlocking but the metadata mismatch and the need for a sensitive secret stored at root-level are disproportionate without explicit declaration and justification.

ℹ Persistence & Privilege

The skill does not request always:true and does not self-install, but its recommended pattern requires creating system files under /etc and adjusting systemd service EnvironmentFile entries (requires root). That means installation/run will need elevated privileges and will persist a sensitive secret on disk unless the user chooses alternative approaches.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install rbw
After installation, invoke the skill by name or use /rbw
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

- Initial release of the rbw skill (v1.0.0) - Provides commands for unlocking, listing, retrieving, syncing, and adding Bitwarden/Vaultwarden items using the rbw CLI - Includes detailed usage patterns for interactive and non-interactive/systemd environments, with secure authentication examples - Documents folder and field access, custom field handling, and script integration practices - Offers troubleshooting steps, error handling guidance, and best practices for secure automation

Metadata

Slug rbw

Version 1.0.0

License —

All-time Installs 2

Active Installs 2

Total Versions 1

Frequently Asked Questions

What is Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns.?

Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts... It is an AI Agent Skill for Claude Code / OpenClaw, with 510 downloads so far.

How do I install Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns.?

Run "/install rbw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns. free?

Yes, Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns. is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns. support?

Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns. is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Securely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts/systemd services. Handles authentication, field access, and non-interactive operation patterns.?

It is built and maintained by Denis Pisarev (@tripleight); the current version is v1.0.0.

More Skills