pass
Complete guide for using pass, the standard Unix password manager. Use this skill whenever the user asks about pass, password-store, managing passwords from the terminal, GPG-encrypted passwords, setting up pass for the first time, inserting or generating passwords, syncing a password store with git, using pass-otp for TOTP codes, importing passwords from another manager, or any task involving the `pass` CLI. Trigger on phrases like "set up pass", "add a password to pass", "sync my password store", "generate a password", "pass git", "pass-otp", "pass-import", or any variation.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/bastos/passpass — The Standard Unix Password Manager
Each password is a GPG-encrypted file under ~/.password-store/. The store is
plain files in a folder hierarchy; no proprietary formats, no daemon.
1. Installation
Linux
| Distro | Command |
|---|---|
| Arch / Manjaro | pacman -S pass |
| Debian / Ubuntu | apt install pass |
| Fedora / RHEL | dnf install pass |
| openSUSE | zypper in password-store |
macOS
brew install pass
2. GPG Key Setup
pass requires a GPG key. Skip this block if you already have one.
# Generate a new key (use RSA 4096 or ed25519)
gpg --full-generate-key
# List your keys — note the key ID or email
gpg --list-secret-keys --keyid-format LONG
The key ID looks like 3AA5C34371567BD2 or you can use the email you registered.
3. Initialise the Store
pass init "[email protected]"
# or using the key ID:
pass init 3AA5C34371567BD2
This creates ~/.password-store/ and a .gpg-id file.
Multiple GPG IDs are supported (for team use):
pass init [email protected] [email protected]
Use -p to scope a different GPG key to a subfolder (useful for shared stores):
pass init -p work/ [email protected]
Running pass init on an existing store re-encrypts all entries with the new key(s).
4. Data Organisation Convention
Store each entry as a multiline file with this structure:
<password>
url: https://example.com
username: [email protected]
notes: anything extra
- First line is always the password.
pass -cand clipboard tools only copy line 1. - Use lowercase keys (
url:,username:,notes:) for compatibility with browser extensions andpass-import. - Organise with folders that mirror context, not the URL structure:
~/.password-store/
├── email/
│ ├── gmail
│ └── fastmail
├── dev/
│ ├── github
│ └── npm
└── finance/
├── bank-hsbc
└── revolut
5. Daily Usage
List the store
pass # full tree
pass email/ # subtree
pass ls email/ # explicit alias
Find entries by name
pass find github # lists all entries whose path matches "github"
Read a password
pass email/gmail # print all lines to stdout
pass -c email/gmail # copy line 1 to clipboard (clears after 45s)
pass -c2 email/gmail # copy line 2 (e.g. the username) to clipboard
Search inside decrypted content
pass grep username # grep across all decrypted entries
pass grep -i "amazon" # case-insensitive; accepts any grep option
Insert an existing password
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-bastos-pass": {
"enabled": true,
"auto_update": true
}
}
}Related Skills
topydo
Manage todo.txt tasks using topydo CLI. Add, list, complete, prioritize, tag, and organize tasks with dependencies, due dates, recurrence, and projects. Use for any task management, todo lists, or when the user mentions tasks, todos, or todo.txt. Requires Python 3 and pip. Works on macOS, Linux, and Windows.
Obsidian Daily
Skill by bastos
conventional-commits
Format commit messages using the Conventional Commits specification. Use when creating commits, writing commit messages, or when the user mentions commits, git commits, or commit messages. Ensures commits follow the standard format for automated tooling, changelog generation, and semantic versioning.