Go back
More in category Open on GitHub

Jump to related tools in the same category or review the original source on GitHub.

Security & Passwords @steipete Updated 2/26/2026

🔐 1password OpenClaw Skill - ClawHub

Do you want your AI agent to automate 1password workflows? This free skill from ClawHub helps with security & passwords tasks without building custom tools from scratch.

What this skill does

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

Install

npx clawhub@latest install 1password

Full SKILL.md

Open original
namedescriptionhomepage
1passwordSet up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.https://developer.1password.com/docs/cli/get-started/

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)
  • references/cli-examples.md (real op examples)

Workflow

  1. Check OS + shell.
  2. Verify CLI present: op --version.
  3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
  4. REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
  5. Sign in / authorize inside tmux: op signin (expect app prompt).
  6. Verify access inside tmux: op whoami (must succeed before any secret read).
  7. If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

  • Never paste secrets into logs, chat, or code.
  • Prefer op run / op inject over writing secrets to disk.
  • If sign-in without app integration is needed, use op account add.
  • If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
  • Do not run op outside tmux; stop and ask if tmux is unavailable.
Original URL: https://github.com/openclaw/skills/blob/main/skills/steipete/1password

Related skills

If this matches your use case, these are close alternatives in the same category.

amai-id

Soul-Bound Keys and Soulchain for persistent ag...

audit-badge-demo

Demo skill showcasing the audit badge workflow; still

auditing-appstore-readiness

Audit an iOS app repo

authensor-gateway

Fail-safe policy gate for OpenClaw marketplace skills.

bitwarden

Access and manage Bitwarden/Vaultwarden passwords securely

bitwarden-vault

Bitwarden CLI setup, authentication.