proton-pass
Manage Proton Pass vaults, items (logins, SSH keys, aliases, notes), passwords, SSH agent integration, and secret injection into applications. Use when working with Proton Pass for password management, SSH key storage, secret injection (run commands with secrets, inject into templates), environment variable injection, or generating secure passwords. Supports vault/item CRUD, sharing, member management, SSH agent operations, TOTP generation, secret references (pass://vault/item/field), template injection, and command execution with secrets.
Why use this skill?
Use the Proton Pass skill for secure password management, SSH key storage, and secret injection into your dev workflows directly via OpenClaw agent commands.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/kakatkarakshay/proton-passWhat This Skill Does
The proton-pass skill integrates the official Proton Pass CLI with OpenClaw, enabling users to perform secure password and secret management directly from their AI agent. It allows for the complete lifecycle management of vaults and items, including logins, SSH keys, aliases, and notes. Beyond standard CRUD operations, this skill excels at automating secret workflows, such as injecting credentials into environment variables, generating secure passwords, and executing commands that require protected secrets. It supports team collaboration through vault sharing and fine-grained member management, making it an essential tool for secure infrastructure management.
Installation
To integrate this skill into your OpenClaw environment, execute the following command in your terminal:
clawhub install openclaw/skills/skills/kakatkarakshay/proton-pass
Before usage, ensure the Proton Pass CLI is installed on your host system via the official methods (Homebrew or curl script) and perform an initial authentication using pass-cli login to establish a secure session. This skill relies on the underlying CLI binary to interface with your Proton account encrypted data.
Use Cases
- DevOps Secret Injection: Dynamically pull API keys or SSH credentials from your vault to run deployment scripts without ever hardcoding sensitive values.
- Team Access Control: Programmatically share project-specific vaults with team members or update permissions based on project lifecycle changes.
- Credential Lifecycle Management: Automate the rotation of login items or the cleanup of obsolete SSH keys directly through natural language instructions.
- Cross-Platform Sync: Ensure all your machines use the same set of secrets by leveraging the unified Proton Pass ecosystem via OpenClaw.
Example Prompts
- "List all items in my 'Work' vault and extract the SSH private key into an environment variable named SSH_KEY for my current session."
- "Create a new vault named 'Client-Project-Alpha' and share it with [email protected] with editor permissions."
- "Generate a high-entropy 32-character password for my new database migration task and save it as a new login item in the 'Secrets' vault."
Tips & Limitations
For security, prioritize using file-based environment variables (PROTON_PASS_PASSWORD_FILE) over plain-text variables when automating logins. Always verify the vault name or ID before executing batch deletion operations. Note that certain MFA-intensive login flows require an interactive terminal session, which may limit background automation capabilities if your account requires U2F or SSO authentication.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-kakatkarakshay-proton-pass": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write, external-api, code-execution