Official | Verified | developer tools | Safety 5/5

passwordstore-broker

Enforce safe secret handling by collecting secrets through one-time HTTPS forms, storing them in pass via scripts/vault.sh, and executing tools with environment injection via scripts/run_with_secret.sh so raw secrets do not enter chat context or logs.

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/bieggerm/passwordstore-broker

What This Skill Does

The passwordstore-broker is a specialized OpenClaw agent skill designed to bridge the gap between secure local vaulting and dynamic agent-based task execution. Its primary objective is to eliminate the dangerous habit of typing sensitive credentials directly into chat windows. By implementing a broker pattern, it orchestrates the intake of secrets via ephemeral, one-time HTTPS forms that reside on the user's local network or machine. Once collected, secrets are encrypted and stored in a local password store, from which the agent can inject them into command execution environments at runtime using strictly controlled wrapper scripts. This ensures that raw passwords, tokens, or private keys never reside in the chat history, transcript files, or remote logging systems.

Installation

To integrate this skill into your environment, run the following command from your terminal within the OpenClaw directory: clawhub install openclaw/skills/skills/bieggerm/passwordstore-broker. After installation, ensure you initialize the system by following the procedures in references/SETUP.md. You must verify the presence of ~/.passwordstore-broker/totp.secret and ~/.passwordstore-broker/setup_completed_at.txt to enable the TOTP-backed identity verification layer, which is essential for secure LAN-mode secret intake.

Use Cases

This skill is ideal for any scenario where an agent needs to perform authenticated actions on behalf of the user. Common use cases include: triggering deployment pipelines that require AWS or GitHub tokens, accessing private APIs that require persistent authentication, or managing cloud infrastructure via Terraform/CLI tools. Because it handles the lifecycle of the secret from initial collection to secure injection, it is particularly suited for high-security environments where audit logs must remain clear of sensitive credential strings.

Example Prompts

  1. "I need to run the aws-deploy.sh script. Please check if the AWS access keys are stored; if not, initiate a secure intake flow for me."
  2. "Please list all currently stored credentials and verify if the github/token is still valid."
  3. "Prepare the deployment environment for our production server using the vault storage, and run the update script using the run_with_secret injector."

Tips & Limitations

  • Always prioritize LAN-mode when the agent is interacting with sensitive production infrastructure, as it adds a second factor (TOTP) to the secret collection flow.
  • Avoid renaming keys frequently; use the prescribed hierarchical structure (e.g., service/env/key) to maintain clarity.
  • Do not attempt to rotate TOTP secrets via the agent; this is a manual security process designed to prevent automated credential takeover.
  • Always use the run_with_secret.sh injector rather than manually echoing variables, as this minimizes the footprint of the secret in the process tree.
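The tips above describe the injector pattern in prose only. The script below is an added example, not the project's own scripts/run_with_secret.sh or scripts/vault.sh: it shows the same idea (secret looked up in a vault, exported into the child process's environment, never placed on a command line or echoed) using a constructed plaintext vault directory as a stand-in for pass so that it runs offline. The function names, the vault layout, and the refusal check on command-line arguments are all assumptions made for this example.

```shell
#!/bin/sh
# Added example of the run_with_secret pattern. This is NOT the
# passwordstore-broker project's script; the vault here is a constructed
# directory of files standing in for `pass`, so everything runs offline.

# Constructed vault: one file per key under $VAULT_DIR, using the
# service/env/key hierarchy the page recommends (e.g. github/prod/token).
VAULT_DIR="${VAULT_DIR:-$(mktemp -d)}"

# vault_put KEY VALUE -- store a secret (stand-in for `pass insert KEY`).
vault_put() {
    mkdir -p "$VAULT_DIR/$(dirname "$1")"
    # Subshell so the restrictive umask does not leak into the caller.
    ( umask 077; printf '%s' "$2" > "$VAULT_DIR/$1" )
}

# vault_get KEY -- print a secret to stdout (stand-in for `pass show KEY`).
vault_get() {
    [ -f "$VAULT_DIR/$1" ] || return 1
    cat "$VAULT_DIR/$1"
}

# run_with_secret KEY ENVVAR CMD [ARGS...]
# Looks KEY up in the vault and runs CMD with the value exported as ENVVAR.
# The secret travels only through the child's environment: it is never an
# argument (visible in `ps` and shell history) and the wrapper never prints
# it. `env` builds the child environment, so the caller's shell is unchanged.
run_with_secret() {
    key="$1"; var="$2"; shift 2
    secret="$(vault_get "$key")" || {
        echo "run_with_secret: no secret stored for $key" >&2
        return 1
    }
    # Defensive check (assumption, not from the page): refuse to run if the
    # caller already pasted the secret into an argument, which would defeat
    # the point of environment injection.
    for arg in "$@"; do
        case "$arg" in
            *"$secret"*)
                echo "run_with_secret: refusing, secret would appear on the command line" >&2
                return 2 ;;
        esac
    done
    env "$var=$secret" "$@"
}

# demo -- stores a constructed token and runs a stand-in "tool" that only
# reports that the variable arrived; the value itself is never printed.
demo() {
    vault_put "github/prod/token" "ghp_constructed_example_token"
    run_with_secret "github/prod/token" GITHUB_TOKEN \
        sh -c '[ -n "$GITHUB_TOKEN" ] && echo "tool: token received (${#GITHUB_TOKEN} chars)"'
}

# Run the demo only when executed directly, not when sourced.
case "$0" in *run_with_secret*|*demo*) demo ;; esac
```

Running `demo` prints `tool: token received (29 chars)` while `GITHUB_TOKEN` stays unset in the calling shell, and an attempt to pass the token as an argument is refused before anything executes, which is the "footprint in the process tree" property the last tip refers to.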

Metadata

Author: @bieggerm
Stars: 4473
Views: 0
Updated: 2026-05-01
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-bieggerm-passwordstore-broker": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Tags (AI)

#security #vault #secrets-management #authentication #devops
Safety Score: 5/5

Flags: file-write, file-read, network-access, code-execution