Passwords
Local credential vault with OS keychain integration, encrypted storage, and session-based access control.
Why use this skill?
Enhance your AI agent with a secure, local-first credential vault featuring OS keychain integration, Argon2id encryption, and granular policy controls for safe automation.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/ivangdavila/passwordsWhat This Skill Does
The Passwords skill provides OpenClaw agents with a secure, local credential vault integrated directly with your operating system's native keychain services. It is designed for maximum security, utilizing age (ChaCha20-Poly1305) for at-rest encryption and Argon2id for robust key derivation. Unlike standard password managers, this skill is purpose-built for AI agents, featuring strict session-based access control, progressive lockout mechanisms for failed attempts, and a granular sensitivity-based policy system. It ensures that sensitive credentials, such as those for financial or government services, require explicit user confirmation before an agent can access them.
Installation
You can install this skill directly via the command line interface provided by OpenClaw:
clawhub install openclaw/skills/skills/ivangdavila/passwords
Ensure you have the necessary system-level dependencies for your OS (libsecret for Linux/GNOME, Keychain Services for macOS, or Credential Manager for Windows) installed and configured prior to running the installation.
Use Cases
- Developer Workflow Automation: Automatically injecting environment variables into local build scripts or deployment tools without hardcoding secrets.
- Secure Web Interaction: Safely providing credentials for automated web testing or form filling when the agent is permitted by your policy settings.
- Authenticated API Calls: Managing tokens and API keys for various developer platforms, ensuring that the agent only accesses services it is strictly authorized to interact with.
Example Prompts
- "OpenClaw, please securely retrieve the login credentials for my GitHub account and use them to authenticate my local session."
- "I need to update my environment variables; can you pull the staging API key from the vault and inject it into my current shell process?"
- "OpenClaw, verify if my bank credentials are stored in the vault and set a confirmation requirement for any future access attempts."
Tips & Limitations
- Security First: Never ask your agent to output passwords in plain text to the console. The skill uses secure IPC and environment variable swapping to keep secrets out of command-line history.
- Sensitivity Labels: Always review the suggested sensitivity labels for new entries. While the skill auto-detects based on domain patterns, you are responsible for overriding labels if you consider a specific account to be more sensitive than the default classification.
- Recovery: During the initial master password setup, the system generates a BIP39 word list. Store this physically, as it is the only way to recover your vault if the master password is forgotten.
- TOTP: For high-security environments, we strongly recommend storing TOTP secrets in a completely separate vault instance to ensure multi-factor isolation.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-ivangdavila-passwords": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write
Related Skills
Animations
Create performant web animations with proper accessibility and timing.
Arduino
Develop Arduino projects avoiding common wiring, power, and code pitfalls.
Bulgarian
Write Bulgarian that sounds human. Not formal, not robotic, not AI-generated.
Arabic
Write Arabic that sounds human. Not formal, not robotic, not AI-generated.
Assistant
Manage tasks, communications, and scheduling with proactive and organized support.