← 返回 Skills 市场
🔌

Passlane

作者 Passlane · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
10
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install passlane
功能描述
Use passlane (a Keepass-backed password manager + authenticator CLI) to retrieve credentials, payment cards, secure notes, and generate TOTP codes for automa...
使用说明 (SKILL.md)

passlane

passlane is a command-line password manager and authenticator that stores data in the Keepass encrypted format. It holds credentials (service/username/password), payment cards, secure notes, and TOTP authenticators (time-based 2FA codes). It exposes scripting-friendly output (--json, --out, --once, --code) so agents can read secrets and feed them into automations without touching the clipboard or any interactive UI.

There are two separate vaults, each with its own master password:

  • the main vault — credentials, payment cards, secure notes
  • the TOTP vault — authenticator secrets (addressed with the -o flag on most commands)

Prerequisite: the vault must be unlocked

Non-interactive use requires the master password to be stored in the OS keychain. The user runs these one-time, interactive setup commands themselves:

passlane unlock      # store the main vault master password in the OS keychain
passlane unlock -o   # store the TOTP vault master password in the OS keychain
passlane lock        # remove stored master passwords (re-locks)

There is no environment variable or stdin to supply the master password. If the vault is locked, passlane will block on an interactive prompt — which hangs unattended automation. So:

If a passlane command blocks or fails because the vault is locked, stop and ask the user to run passlane unlock (and passlane unlock -o for 2FA codes). Do not try to supply the master password yourself.

Reading secrets (the core of automation)

Two commands are built for scripts and print to stdout:

passlane list [REGEXP] [--json] [-v]

Machine-readable listing. Default lists credentials; add a type flag to list something else: -p payment cards, -n notes, -o TOTP entries. An optional REGEXP filters by service/issuer.

  • passlane list --json — JSON envelope (best for parsing with jq).
  • passlane list github --json — only entries matching github.
  • passlane list -v — plain text including passwords.

WARNING: list --json and list -v print passwords in cleartext to stdout. Default plain list (no -v) shows service/username/note only — no password.

passlane show \x3CREGEXP> --out

Print a single matched password to stdout — no clipboard, no countdown, exits immediately. Use this when you need exactly one secret.

passlane show '^github\.com$' --out

Rule of thumb: use list --json | jq for structured extraction or multiple fields; use show --out for one password.

JSON output reference

Every --json response is an envelope:

{ "type": "credentials", "count": 2, "entries": [ ... ] }

Entry fields by type:

type entry fields
credentials uuid, service, username, password, note (optional), last_modified
payment_cards id, name, name_on_card, number, cvv, expiry ({month, year}), color?, billing_address?, last_modified
notes id, title, content, last_modified
totp id, label, issuer, secret, algorithm, period, digits, last_modified
totp_codes label, issuer, code, valid_for_secondsnever includes the stored secret

TOTP / 2FA codes

Most logins need a fresh time-based code. Two ways to get one:

passlane show -o --once \x3CREGEXP> — recommended for a single code

Prints the one matching current code to stdout and exits.

passlane show -o --once github   # -> 447091
  • Zero matches → exit code 1, stderr: No matching OTP authorizer found.
  • Multiple matches → exit code 1, stderr: Multiple OTP authorizers match: \x3Clabels>. Refine the search pattern to match exactly one.

Because ambiguity is an error, anchor your pattern (e.g. '^GitHub$') so it matches exactly one authorizer.

passlane list -o --code [REGEXP] [--json] — multiple codes / expiry window

Outputs the current code for every matching authorizer. With --json, each entry includes valid_for_seconds so you know how long the code stays valid.

passlane list -o --code --json

TOTP codes are valid only for a few seconds. Fetch them just before use and never cache them. Re-fetch on each retry.

Other commands

Command Notes
passlane gen [--out] Generate a random password. --out prints to stdout (otherwise copies to clipboard).
passlane add [-p|-n|-o] [-g] [-l] Add a credential/card/note/TOTP. Interactive (prompts).
passlane edit \x3CREGEXP> [-p|-n|-o] Edit an entry. Interactive.
passlane delete \x3CREGEXP> [-c|-p|-n|-o] Delete entries. Interactive.
passlane csv \x3CFILE> Import credentials from a CSV file.
passlane export [-p|-n|-o] \x3CFILE> Export the vault to CSV.
passlane passwd [-o] Change a vault's master password. Interactive.
passlane completions [SHELL] Generate shell completions (bash/zsh/fish).
passlane init First-time setup. Interactive.
passlane repl Interactive REPL (also launched by running passlane with no args).

add, edit, delete, passwd, init, and repl are prompt-driven and not suited to unattended automation — only the reading commands above are.

Safety rules

  • Never echo retrieved passwords or TOTP codes into chat, logs, or files you commit.
  • Pipe secrets directly into the consuming command, or capture into a shell variable with VAR=$(passlane ...) — avoid inlining a secret into a command line where it lands in shell history or process listings.
  • Fetch TOTP codes just-in-time, immediately before the request that uses them.
  • Match patterns precisely (anchored regex) so show -o --once and show --out resolve to exactly one entry.
  • Treat exit code 1 as actionable: a locked vault, no match, or ambiguous match. Check it and react rather than proceeding with empty output.

Worked examples

For ready-to-adapt scripts — API login with basic auth + TOTP, single-secret extraction, browser login combined with the playwright-cli skill, and a read-only credential audit — read references/automation-examples.md when you are actually building an automation.

安全使用建议
This appears acceptable to install based on the clean telemetry available here. Because the target artifact files were not available for direct inspection in the workspace, review the skill's visible instructions and any requested permissions before installing.
能力标签
requires-sensitive-credentials
能力评估
Purpose & Capability
No scanner or artifact evidence shows capabilities that are incompatible with the stated skill-version review context.
Instruction Scope
No prompt-injection signals or unsafe runtime instructions were supplied, and SkillSpector reported no issues.
Install Mechanism
No specific install-time behavior or target artifact files were available for direct review in the workspace; the available signals do not indicate risky installation behavior.
Credentials
No evidence was provided of broad local indexing, credential/session access, background workers, destructive actions, or overbroad environment access.
Persistence & Privilege
No evidence was provided of persistence, privilege escalation, hidden configuration changes, or long-running privileged behavior.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install passlane
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /passlane 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of passlane skill. - Provides command-line access to credentials, payment cards, secure notes, and TOTP codes stored in a Keepass-encrypted vault. - Supports scripting-friendly output for automation: JSON, direct-to-stdout, just-in-time TOTP codes. - Distinct main and TOTP vaults, each with independent unlock/lock routines. - Includes detailed usage safety guidelines and automation-ready commands: list, show, and TOTP retrieval. - Interactive commands for vault setup and entry management are not suitable for unattended automation.
元数据
Slug passlane
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Passlane 是什么?

Use passlane (a Keepass-backed password manager + authenticator CLI) to retrieve credentials, payment cards, secure notes, and generate TOTP codes for automa... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 10 次。

如何安装 Passlane?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install passlane」即可一键安装,无需额外配置。

Passlane 是免费的吗?

是的,Passlane 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Passlane 支持哪些平台?

Passlane 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Passlane?

由 Passlane(@passlane)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论