Go back
More in category Open on GitHub

Jump to related tools in the same category or review the original source on GitHub.

Security & Passwords @steipete Updated 1/7/2026

🔐 1password OpenClaw Plugin & Skill | ClawHub

Looking to integrate 1password into your AI workflows? This free OpenClaw plugin from ClawHub helps you automate security & passwords tasks instantly, without having to write custom tools from scratch.

What this skill does

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

Install

npx clawhub@latest install 1password

Full SKILL.md

Open original
Metadata table.
namedescriptionhomepage
1passwordSet up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.https://developer.1password.com/docs/cli/get-started/

SKILL.md content below is scrollable.

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)
  • references/cli-examples.md (real op examples)

Workflow

  1. Check OS + shell.
  2. Verify CLI present: op --version.
  3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
  4. REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).
  5. Sign in / authorize inside tmux: op signin (expect app prompt).
  6. Verify access inside tmux: op whoami (must succeed before any secret read).
  7. If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

  • Never paste secrets into logs, chat, or code.
  • Prefer op run / op inject over writing secrets to disk.
  • If sign-in without app integration is needed, use op account add.
  • If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.
  • Do not run op outside tmux; stop and ask if tmux is unavailable.
Original Repository URL: https://github.com/openclaw/skills/blob/main/skills/steipete/1password
Latest commit: https://github.com/openclaw/skills/commit/0f2b22b3bd7eabe1b17e15fb75afa10be59e534e

Related skills

If this matches your use case, these are close alternatives in the same category.

1claw

HSM-backed secret management for AI agents — store, retrieve, rotate, and share secrets via the 1Claw vault without exposing them in context.

age-verification

Skills for age verification and age-appropriate content filtering.

amai-id

Soul-Bound Keys and Soulchain for persistent.

api-security

Implement secure API design patterns including authentication, authorization, input validation, rate limiting.

audit-badge-demo

Demo skill showcasing the audit badge workflow; still experimental.

auditing-appstore-readiness

Audit an iOS app repo (Swift/Xcode or React Native/Expo) for App Store compliance and release readiness; output a pass/warn/fail report and publish checklist.