← Back to Skills Marketplace

1password 1.0.1.Zip

Name: 1password 1.0.1.Zip
Author: cuiday1975

by cuiday1975 · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

103

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install 1password-1-0-1-zip

Description

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/...

README (SKILL.md)

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

references/get-started.md (install + app integration + sign-in flow)
references/cli-examples.md (real op examples)

Workflow

Check OS + shell.
Verify CLI present: op --version.
Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
Sign in / authorize inside tmux: op signin (expect app prompt).
Verify access inside tmux: op whoami (must succeed before any secret read).
If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

Never paste secrets into logs, chat, or code.
Prefer op run / op inject over writing secrets to disk.
If sign-in without app integration is needed, use op account add.
If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
Do not run op outside tmux; stop and ask if tmux is unavailable.

Usage Guidance

This skill appears to do what it says (set up and run the 1Password CLI) and installs the official brew formula, but there are operational details to review before installing: - The runtime instructions automate interactive sign-in inside tmux and explicitly capture tmux pane output. Captured output can include secrets if the agent or a user runs commands that reveal them. Only proceed if you trust the agent's handling of captured output and logs. - The SKILL.md references CLAWDBOT_TMUX_SOCKET_DIR (an agent-specific env var) but the skill doesn't declare or document required env vars—confirm what agent environment variables the skill expects and whether exposing or creating the socket directory is safe in your environment. - The guardrails (don’t paste secrets into chat, prefer op run/op inject) are good, but automated capture increases risk. Consider running 1Password sign-in manually instead of letting the skill drive it, or restrict the skill from autonomous invocation if your platform allows. - The install uses a Homebrew formula (low risk), but verify the brew formula source is official in your environment. If you want to proceed: limit the skill’s permissions, avoid letting it run autonomously for sensitive flows, and prefer manual sign-in for initial authorization. If you can provide or review additional logs of a dry run (what the agent would capture) I could reassess with higher confidence.

Capability Analysis

Type: OpenClaw Skill Name: 1password-1-0-1-zip Version: 1.0.0 The skill provides the agent with high-risk capabilities to read, inject, and run secrets using the 1Password CLI (op), as detailed in SKILL.md and cli-examples.md. While it includes guardrails against logging secrets, it mandates a tmux-based workflow that uses a potentially predictable socket path in /tmp (/tmp/clawdbot-tmux-sockets/clawdbot-op.sock), which is a common vulnerability that could allow local session hijacking. The skill also automates the installation of external binaries via Homebrew, which, combined with shell execution and sensitive data access, warrants a suspicious classification.

Capability Assessment

✓ Purpose & Capability

Name, description, required binary (op), and the brew install (1password-cli -> op) match the stated purpose of configuring and using the 1Password CLI.

⚠ Instruction Scope

SKILL.md tells the agent to create tmux sessions, drive interactive signin, capture the tmux pane, and then kill the session. Capturing pane contents can include secrets if commands that output secrets are run; the instructions do warn not to paste secrets, but the skill still automates reading TTY output. The instructions also reference a CLAWDBOT_TMUX_SOCKET_DIR environment variable and 'tmux skill' conventions that are not declared in requires.env, so the skill relies on implicit agent environment/state.

✓ Install Mechanism

Install uses Homebrew formula '1password-cli' to provide 'op' — a standard, low-risk distribution channel for this CLI.

ℹ Credentials

The skill declares no required env vars or credentials (appropriate for a CLI wrapper). However, the runtime examples reference CLAWDBOT_TMUX_SOCKET_DIR (an implicit env var) and TMPDIR; referencing undeclared agent-specific env vars is a mismatch and deserves attention. No external credentials are requested by the skill.

✓ Persistence & Privilege

always:false and no install-time modifications beyond installing the CLI are requested. The skill does not request persistent/global privileges or modify other skills' configurations.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install 1password-1-0-1-zip
After installation, invoke the skill by name or use /1password-1-0-1-zip
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

1Password CLI skill initial release: - Provides setup and usage instructions for 1Password CLI (op), including install steps, app integration, and sign-in workflow. - Requires all `op` commands to be run inside a dedicated tmux session for security and reliability. - Offers best practices and guardrails for handling secrets safely. - Includes links to official documentation and workflow references.

Metadata

Slug 1password-1-0-1-zip

Version 1.0.0

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 1

Frequently Asked Questions

What is 1password 1.0.1.Zip?

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/... It is an AI Agent Skill for Claude Code / OpenClaw, with 103 downloads so far.

How do I install 1password 1.0.1.Zip?

Run "/install 1password-1-0-1-zip" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is 1password 1.0.1.Zip free?

Yes, 1password 1.0.1.Zip is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does 1password 1.0.1.Zip support?

1password 1.0.1.Zip is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created 1password 1.0.1.Zip?

It is built and maintained by cuiday1975 (@cuiday1975); the current version is v1.0.0.

More Skills