ClawKit Reliability Toolkit
Official Verified

1password-sa

Securely inject secrets from 1Password into agent workflows. Uses service accounts with op run/.env.tpl as the primary pattern, op read as fallback. Includes hardened security rules, input validation, and troubleshooting for auth/permission failures. Use when accessing API keys, credentials, or any 1Password secret.


Install via CLI (Recommended)

clawhub install openclaw/skills/skills/in-liberty420/1password-sa

1Password CLI (Hardened)

Secure secret access via 1Password CLI (op) for OpenClaw agents. Service accounts are the canonical approach.

References

  • references/get-started.md — install + baseline setup
  • references/cli-examples.md — safe command patterns
  • references/troubleshooting.md — failure/recovery runbook

Security Rules (must follow)

  1. Prefer op run over all alternatives for secret injection.
  2. Never enable shell tracing around secret commands (set -x, bash -x).
  3. Never print secrets to stdout/logs (echo, cat on secret values/files). printf piped directly to stdin of another command (e.g., printf ... | curl -H @-) is acceptable when the output never reaches a log or terminal.
  4. Never dump environment inside/after secret-bearing runs (env, printenv, set).
  5. Never pass secrets as CLI args (arguments can appear in process lists).
  6. Never pipe secret output to logs/files (tee, >, >>) unless explicitly writing a protected temporary file for op inject.
  7. Never pipe op read output into logging pipelines.
  8. Use op inject only with locked-down temp files: umask 077, chmod 600, trap cleanup.
  9. Never include secret values in chat, tool output, or agent responses. If a command outputs a secret, do not echo or reference its value.
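The two injection patterns these rules allow, written out as an added example (this is not code from the skill's own references). It assumes the 1Password CLI is on PATH as op; the OP_CMD variable is an override hook introduced here so the functions can be exercised with a stand-in, not an op feature. The template path and the op:// reference in the comment are constructed.

```shell
#!/usr/bin/env bash
# Added example, not part of the 1password-sa skill. Assumes "op" is on PATH;
# OP_CMD is an override hook for dry runs (an assumption of this example).
set -eu

OP_CMD="${OP_CMD:-op}"

# Template format (constructed example of a .env.tpl file):
#   API_KEY=op://my-vault/my-item/password
# op:// references are vault/item/field; no secret value lives in the template.

# Pattern 1 (rule 1, preferred): op run resolves the references into the
# child's environment only and masks them if the child writes them to stdout.
# The calling shell never holds the secret in a variable.
run_with_secrets() {            # run_with_secrets TEMPLATE CMD [ARGS...]
  local tpl="${1:?template path}"
  shift
  "$OP_CMD" run --env-file="$tpl" -- "$@"   # -- ends op's own flags
}

# Pattern 2 (rule 8, fallback): op inject renders the template to a file.
# The file is created under umask 077, forced to 0600, and removed by an
# EXIT trap, so it does not outlive the script even when a command fails.
SECRET_TMP=""
cleanup_secret_tmp() {
  if [ -n "$SECRET_TMP" ] && [ -e "$SECRET_TMP" ]; then
    rm -f -- "$SECRET_TMP"
  fi
}
trap cleanup_secret_tmp EXIT
trap 'cleanup_secret_tmp; exit 130' INT TERM

make_secret_tmpfile() {         # sets SECRET_TMP to a fresh 0600 file
  local old_umask
  old_umask="$(umask)"
  umask 077                     # created with no group/other bits
  SECRET_TMP="$(mktemp "${TMPDIR:-/tmp}/opinject.XXXXXX")"
  umask "$old_umask"
  chmod 600 -- "$SECRET_TMP"    # belt and braces: mktemp already uses 0600
}

inject_to_tmpfile() {           # inject_to_tmpfile TEMPLATE; output in $SECRET_TMP
  local tpl="${1:?template path}"
  make_secret_tmpfile
  # The redirect is the one case rule 6 permits: a protected temp file.
  "$OP_CMD" inject -i "$tpl" > "$SECRET_TMP"
}

# Rule 3 exception: hand a token to curl through stdin with -H @-, never on
# argv (visible in ps) and never via a file. The variable is cleared after use.
call_api_with_token() {         # call_api_with_token op://vault/item/field URL
  local ref="${1:?op:// reference}" url="${2:?url}" tok
  tok="$("$OP_CMD" read "$ref")"            # captured, never printed (rule 4)
  printf 'Authorization: Bearer %s\n' "$tok" | curl -sSf -H @- "$url"
  unset tok
}

# Typical use:
#   run_with_secrets ./.env.tpl ./app --serve
#   inject_to_tmpfile ./config.tpl && ./app --config "$SECRET_TMP"
```

Note that every function takes the template path or the op:// reference as an argument and never the secret itself, so nothing sensitive appears on a command line or in the shell's history.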

Banned Flags/Patterns

  • --no-masking — never use in agent workflows. Masking redacts accidental secret output and must stay on.
  • --reveal — never use in routine workflows. Outputs field values in cleartext.
  • op signin --raw — outputs raw session token to stdout.
  • Bare op read — never run without capturing into a variable. It prints secrets to stdout.
  • set -x — never enable around any op command.
  • curl -v — verbose mode prints the request headers, including Authorization, to stderr, from where they end up in logs. Use curl -sSf instead.
  • script / terminal recorders — session recording captures all secret output.
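A pre-execution lint that turns the rules and banned patterns above into a check an agent harness can run over a proposed command before handing it to the shell. This is an added example, not part of the skill; the regular expressions are heuristics over the command text rather than a shell parser, so a pass means "nothing obviously wrong", not proof of safety. The only assumption is a grep that supports -E.

```shell
#!/usr/bin/env bash
# Added example, not part of the 1password-sa skill: reject a command string
# that violates the security rules or uses a banned flag/pattern.
set -eu

# check_secret_command CMD: returns 0 if clean, 1 if any rule fires.
# Findings go to stderr; the command text is never echoed because it may
# already contain a secret.
check_secret_command() {
  local cmd="$1" bad=0

  flag() {   # flag REGEX REASON: record a finding if REGEX matches the command
    if printf '%s\n' "$cmd" | grep -Eq -- "$1"; then
      printf 'REJECT: %s\n' "$2" >&2
      bad=1
    fi
  }

  flag '(^|[;&| ])(set|bash|sh) +-[A-Za-z]*x' \
       'shell tracing (set -x / bash -x) around a secret command (rule 2)'
  flag '--no-masking' \
       'op run --no-masking disables output masking'
  flag '--reveal' \
       '--reveal prints field values in cleartext'
  flag 'signin[^;&|]*--raw' \
       'op signin --raw writes the session token to stdout'
  flag '(^|[;&| ])curl[^;&|]* (-[A-Za-z]*v[A-Za-z]*|--verbose)( |$)' \
       'curl verbose mode logs auth headers; use curl -sSf'
  flag '(^|[;&|])[[:space:]]*(env|printenv|set)[[:space:]]*($|[;&|>])' \
       'environment dump (env/printenv/set) around a secret-bearing run (rule 4)'
  flag '(^|[^(])op read' \
       'bare op read prints the secret; capture it with VAR="$(op read ...)"'
  flag 'op read[^;&]*\|[[:space:]]*tee|op read[^;&|]*>' \
       'op read output sent to a file or tee (rules 6 and 7)'
  flag '(^|[;&| ])(script|asciinema)( |$)' \
       'terminal recorder would capture secret output'

  # Rule 5: $(op read ...) is acceptable on the right-hand side of an
  # assignment, not inside another command's arguments, where the value
  # would be visible in the process list.
  if printf '%s\n' "$cmd" | grep -Eq -- '\$\(op read' \
     && ! printf '%s\n' "$cmd" | grep -Eq -- '=.?\$\(op read'; then
    printf 'REJECT: %s\n' 'secret substituted into command arguments (rule 5)' >&2
    bad=1
  fi

  return "$bad"
}

# Typical use from a harness, with the proposed command in $proposed:
#   check_secret_command "$proposed" || { echo "command refused" >&2; exit 1; }
```

The bare-op-read check looks only at the character before op read, so `x=$(op read ...)` passes while `op read ...` at the start of a command or after a separator is refused; extend the patterns if your agent emits commands in forms these regexes do not anticipate.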

Untrusted Input

  • Never interpolate user-provided or external text into shell commands without strict quoting.
  • Always use -- to separate op flags from the command that op run executes (op run --env-file=.env.tpl -- ./app), so an argument beginning with - is never parsed as an op flag.
  • Vault/item/field names from untrusted sources must be validated (alphanumeric, hyphens, underscores, and spaces only).
  • Never use eval, backtick substitution, or string-built shell commands with secret references.
  • If an item name looks suspicious (contains $, backticks, semicolons, or pipes), stop and verify with the user.

Safe dynamic input template:

VAULT="my-vault"
ITEM="my-item"

# Validate: reject names with dangerous characters (alphanumeric, hyphen,
# underscore and space only). LC_ALL=C keeps the character ranges ASCII-only;
# it has to be exported, because an assignment prefix before [[ makes bash
# look for a command named "[[" instead of evaluating the test.
export LC_ALL=C
NAME_RE='^[A-Za-z0-9 _-]+$'
for NAME in "$VAULT" "$ITEM"; do
  if ! [[ "$NAME" =~ $NAME_RE ]]; then
    echo "ERROR: invalid vault/item name: $NAME" >&2; exit 1
  fi
done

VALUE="$(op read "op://${VAULT}/${ITEM}/password")"
# use $VALUE (via stdin or a child environment, never on a command line), then:
unset VALUE

Metadata

Stars: 2287
Views: 0
Updated: 2026-03-09
Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-in-liberty420-1password-sa": {
      "enabled": true,
      "auto_update": true
    }
  }
}
Safety Note: ClawKit audits metadata but not runtime behavior. Use with caution.