bitwarden
Set up and use Bitwarden CLI (bw). Use when installing the CLI, authenticating (login/unlock), or reading secrets from your vault. Supports email/password, API key, and SSO authentication methods.
Why use this skill?
Integrate Bitwarden with OpenClaw. Securely retrieve passwords, API keys, and secrets for automated workflows using the official Bitwarden CLI and managed sessions.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/startupbros/bitwarden-vaultWhat This Skill Does
The Bitwarden CLI skill enables OpenClaw agents to interface directly with the Bitwarden secure password manager. It allows for the retrieval of credentials, secure notes, API keys, and TOTP tokens programmatically. By acting as a secure bridge, this skill permits automated tasks to leverage your vault secrets without manual copy-pasting, while adhering to strict security protocols for handling sensitive data.
Installation
To integrate this capability into your agent, use the OpenClaw management utility. Run the following command in your terminal: clawhub install openclaw/skills/skills/startupbros/bitwarden-vault. Ensure that the Bitwarden CLI (bw) is pre-installed on the host system, as the skill acts as a wrapper for the official binary. You must verify the installation using bw --version before attempting any authentication workflows.
Use Cases
This skill is ideal for DevOps and development workflows where secrets are required for automated deployments or environment configuration. Common use cases include: fetching database connection strings during backend service spin-up, retrieving API keys for third-party integrations (like AWS or Stripe) for automated testing, accessing TOTP codes for multi-factor authentication workflows in CI/CD pipelines, and organizing secret management in a way that remains synchronized with a team-wide password manager.
Example Prompts
- "Check if the Bitwarden CLI is installed and initialize a new tmux session named 'bw-session' to prepare for vault access."
- "Login to my Bitwarden account using the SSO method, unlock the vault, and export the session key to the environment."
- "Retrieve the GitHub API key from my vault and print only the value so I can use it to configure my local development environment."
Tips & Limitations
The most important constraint is the requirement for a tmux session. The BW_SESSION environment variable is volatile and specific to the shell session; tmux is the mandated tool to preserve this context across multiple agent operations. Always avoid echoing secrets to standard output where they might be captured by system logs or history files. If you encounter authentication errors, ensure your tmux session is active and that you have exported the current BW_SESSION key correctly. Always remember to call bw lock once your specific task is complete to ensure your vault remains protected, especially in shared or multi-user environments.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-startupbros-bitwarden-vault": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, external-api