← 返回 Skills 市场

1password 1.0.1.Zip

Name: 1password 1.0.1.Zip
Author: cuiday1975

作者 cuiday1975 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

103

总下载

当前安装

版本数

在 OpenClaw 中安装

/install 1password-1-0-1-zip

功能描述

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...

使用说明 (SKILL.md)

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

references/get-started.md (install + app integration + sign-in flow)
references/cli-examples.md (real op examples)

Workflow

Check OS + shell.
Verify CLI present: op --version.
Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
Sign in / authorize inside tmux: op signin (expect app prompt).
Verify access inside tmux: op whoami (must succeed before any secret read).
If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

Never paste secrets into logs, chat, or code.
Prefer op run / op inject over writing secrets to disk.
If sign-in without app integration is needed, use op account add.
If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
Do not run op outside tmux; stop and ask if tmux is unavailable.

安全使用建议

This skill appears to do what it says (set up and run the 1Password CLI) and installs the official brew formula, but there are operational details to review before installing: - The runtime instructions automate interactive sign-in inside tmux and explicitly capture tmux pane output. Captured output can include secrets if the agent or a user runs commands that reveal them. Only proceed if you trust the agent's handling of captured output and logs. - The SKILL.md references CLAWDBOT_TMUX_SOCKET_DIR (an agent-specific env var) but the skill doesn't declare or document required env vars—confirm what agent environment variables the skill expects and whether exposing or creating the socket directory is safe in your environment. - The guardrails (don’t paste secrets into chat, prefer op run/op inject) are good, but automated capture increases risk. Consider running 1Password sign-in manually instead of letting the skill drive it, or restrict the skill from autonomous invocation if your platform allows. - The install uses a Homebrew formula (low risk), but verify the brew formula source is official in your environment. If you want to proceed: limit the skill’s permissions, avoid letting it run autonomously for sensitive flows, and prefer manual sign-in for initial authorization. If you can provide or review additional logs of a dry run (what the agent would capture) I could reassess with higher confidence.

功能分析

Type: OpenClaw Skill Name: 1password-1-0-1-zip Version: 1.0.0 The skill provides the agent with high-risk capabilities to read, inject, and run secrets using the 1Password CLI (op), as detailed in SKILL.md and cli-examples.md. While it includes guardrails against logging secrets, it mandates a tmux-based workflow that uses a potentially predictable socket path in /tmp (/tmp/clawdbot-tmux-sockets/clawdbot-op.sock), which is a common vulnerability that could allow local session hijacking. The skill also automates the installation of external binaries via Homebrew, which, combined with shell execution and sensitive data access, warrants a suspicious classification.

能力评估

✓ Purpose & Capability

Name, description, required binary (op), and the brew install (1password-cli -> op) match the stated purpose of configuring and using the 1Password CLI.

⚠ Instruction Scope

SKILL.md tells the agent to create tmux sessions, drive interactive signin, capture the tmux pane, and then kill the session. Capturing pane contents can include secrets if commands that output secrets are run; the instructions do warn not to paste secrets, but the skill still automates reading TTY output. The instructions also reference a CLAWDBOT_TMUX_SOCKET_DIR environment variable and 'tmux skill' conventions that are not declared in requires.env, so the skill relies on implicit agent environment/state.

✓ Install Mechanism

Install uses Homebrew formula '1password-cli' to provide 'op' — a standard, low-risk distribution channel for this CLI.

ℹ Credentials

The skill declares no required env vars or credentials (appropriate for a CLI wrapper). However, the runtime examples reference CLAWDBOT_TMUX_SOCKET_DIR (an implicit env var) and TMPDIR; referencing undeclared agent-specific env vars is a mismatch and deserves attention. No external credentials are requested by the skill.

✓ Persistence & Privilege

always:false and no install-time modifications beyond installing the CLI are requested. The skill does not request persistent/global privileges or modify other skills' configurations.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install 1password-1-0-1-zip
安装完成后，直接呼叫该 Skill 的名称或使用 /1password-1-0-1-zip 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

1Password CLI skill initial release: - Provides setup and usage instructions for 1Password CLI (op), including install steps, app integration, and sign-in workflow. - Requires all `op` commands to be run inside a dedicated tmux session for security and reliability. - Offers best practices and guardrails for handling secrets safely. - Includes links to official documentation and workflow references.

元数据

Slug 1password-1-0-1-zip

版本 1.0.0

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 1

常见问题