MH 1password

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...

This skill appears to be an instruction-only helper for the official 1Password CLI and installs via Homebrew — that part is fine. Before installing, consider: 1) The instructions require tmux (creating sockets and capture-pane) but tmux is not declared as a required binary; ensure your environment has tmux and confirm the agent will actually have permission to create/clean up sockets in the chosen directory. 2) The SKILL.md references OPENCLAW_TMUX_SOCKET_DIR and CLAWDBOT_TMUX_SOCKET_DIR env vars that are not declared — verify what values will be used and that you trust the directory chosen (it may be under /tmp). 3) capture-pane reads terminal output (which can include secrets); ask how the agent/runtime will handle or persist that captured text and ensure it will not be uploaded to logs or external endpoints. 4) Confirm you have a 1Password subscription and the desktop app integration steps the doc references. If you want to proceed, request the skill author add tmux to required binaries, explicitly document how captured pane contents are handled (never sent to external services or logs), and declare any env vars it expects. If the author cannot clarify, treat the mismatch as a risk and avoid using the skill for highly sensitive sign-ins.

Type: OpenClaw Skill Name: mh-1password Version: 1.0.0 The skill bundle is designed for secure integration with the 1Password CLI. It uses standard tools like `brew` for installation and provides explicit instructions for the AI agent to use `tmux` for all `op` commands, framed as a security measure to manage sessions and prevent re-prompts. Crucially, `SKILL.md` includes strong 'Guardrails' instructing the agent to 'Never paste secrets into logs, chat, or code' and to 'Prefer `op run` / `op inject` over writing secrets to disk'. There is no evidence of data exfiltration, malicious execution, persistence, or prompt injection with harmful intent. The examples provided are legitimate 1Password CLI commands, and any potentially risky features (like `op run --no-masking`) are directly addressed by the security guardrails.