1Password CLI Skill for OpenClaw

Fetch secrets safely via 1Password CLI (op).

Last updated: 2026-03-04

Quick Install

$ npx clawhub@latest install 1password

Key Features

  • Read secrets from 1Password vaults using natural language
  • Inject credentials into config files with op inject
  • Run processes with secrets as environment variables via op run
  • Sign in to single or multiple 1Password accounts
  • Manage vaults, items, and documents through the CLI
  • Enforce tmux-based workflows for reliable authentication

OpenClaw 1Password CLI Skill Overview

The 1Password CLI skill connects OpenClaw to your 1Password vaults via the official 1Password CLI (op). Once installed, your OpenClaw agent can read secrets, inject credentials into configuration files, and run processes with secrets as environment variables — all through natural language commands. No more copying and pasting tokens from the 1Password app.

Secret management is a critical part of any development workflow. The OpenClaw 1Password skill eliminates the need to store API keys, database passwords, or service tokens in plaintext config files. Instead, you ask OpenClaw to fetch exactly what you need, and the agent retrieves it securely from your vault at runtime.

Typical workflow:

  1. Ask OpenClaw to inject your database credentials into the .env file.
  2. The agent runs op inject to replace secret references with actual values.
  3. Credentials are available to your application through the generated .env file, which contains the real values; only the template stays free of plaintext secrets.

This skill enforces a tmux-based workflow for all op commands, ensuring persistent authentication sessions and preventing TTY failures during automated operations. It supports both desktop app integration (biometric unlock) and service account tokens for CI/CD pipelines.

Prerequisites for 1Password CLI Skill

Before installing the 1Password CLI skill, make sure you have:

  • OpenClaw installed and running (v1.0+)
  • 1Password CLI (op) installed — official installation guide
  • A 1Password account (individual, family, team, or business)
  • tmux installed for reliable CLI sessions
  • clawhub CLI installed for skill management — install with clawhub

Verify your setup:

```bash
# Check OpenClaw version
openclaw --version

# Check 1Password CLI version
op --version

# Verify tmux is available
tmux -V

# Check 1Password authentication status
op whoami
```

How to Install the 1Password CLI Skill

Install the 1Password CLI skill with a single command:

```bash
npx clawhub@latest install 1password
```

To verify the installation:

```bash
clawhub list
```

You should see 1password in the list of installed skills. The skill is maintained in the official OpenClaw skills repository and published on ClawHub.

1Password CLI Skill Configuration

The skill requires authentication with your 1Password account. There are three methods depending on your environment.

Method 1: Desktop App Integration

Enable biometric unlock so the CLI authenticates through the 1Password desktop app:

```bash
# Enable desktop app integration
op signin
```

When prompted, approve the sign-in request in the 1Password desktop app. This method uses biometric verification (Touch ID, Windows Hello) and requires no long-lived tokens.

Method 2: Service Account

```bash
# Set the service account token
export OP_SERVICE_ACCOUNT_TOKEN=ops_your-service-account-token
```

Service accounts provide scoped, non-interactive access to specific vaults. Create one at my.1password.com under Developer → Service Accounts.

Method 3: Connect Server (For Self-Hosted Infrastructure)

```bash
# Set Connect server credentials
export OP_CONNECT_HOST=https://your-connect-server:8080
export OP_CONNECT_TOKEN=your-connect-token
```

Key Environment Variables

| Variable | Purpose |
|----------|---------|
| OP_SERVICE_ACCOUNT_TOKEN | Authenticate with a service account |
| OP_CONNECT_HOST | Connect server URL |
| OP_CONNECT_TOKEN | Connect server access token |
| OP_ACCOUNT | Default account for multi-account setups |
| OP_BIOMETRIC_UNLOCK_ENABLED | Toggle desktop app integration |

Important: Never hardcode tokens in configuration files. Use environment variables or inject them via your CI/CD platform's secret store. Review the Safety Checklist for additional security guidance.
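A preflight for the three authentication methods above, added here as an example (not code from the skill or from 1Password): it reports which method the current environment selects and rejects half-set or conflicting variables without printing any token. The function name op_auth_mode is hypothetical, and the ops_ prefix check is based on the token format shown above.

```shell
# Added example: decide which auth method the environment selects.
# op_auth_mode is a hypothetical helper. Token values are never echoed.
# Usage: mode=$(op_auth_mode) || exit 1
op_auth_mode() {
  local sa="${OP_SERVICE_ACCOUNT_TOKEN:-}"
  local host="${OP_CONNECT_HOST:-}"
  local tok="${OP_CONNECT_TOKEN:-}"

  # Connect needs both variables; one without the other is a misconfiguration.
  if [ -n "$host" ] || [ -n "$tok" ]; then
    if [ -z "$host" ] || [ -z "$tok" ]; then
      echo "error: set both OP_CONNECT_HOST and OP_CONNECT_TOKEN" >&2
      return 2
    fi
    # Refuse to guess when two credential types are present at once.
    if [ -n "$sa" ]; then
      echo "error: Connect and service account variables both set; unset one" >&2
      return 2
    fi
    # Warn (do not fail) when the bearer token would travel without TLS.
    case "$host" in
      https://*) ;;
      *) echo "warning: OP_CONNECT_HOST is not https" >&2 ;;
    esac
    echo connect
    return 0
  fi

  if [ -n "$sa" ]; then
    case "$sa" in
      ops_*) echo service-account; return 0 ;;
      *) echo "error: OP_SERVICE_ACCOUNT_TOKEN lacks the ops_ prefix" >&2
         return 2 ;;
    esac
  fi

  # Nothing set: interactive sign-in through the desktop app (op signin).
  echo desktop-app
}
```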

1Password CLI Skill Usage Examples

1. Read a Secret at Runtime

You: "Get the Stripe API key from the Production vault."

The agent runs op read "op://Production/Stripe API/credential" and returns the secret value. The key is available for immediate use without being stored in any file.

2. Inject Secrets into a Config File

You: "Inject all the secrets into my .env.template file and save it as .env."

The agent uses op inject -i .env.template -o .env to replace secret references like op://Vault/Item/field with actual values. The template stays safe to commit; the output file contains real credentials.
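A pre-commit style check for the claim above that the template stays safe to commit, as an added example that is not part of the skill or the 1Password CLI: it fails when any KEY=VALUE line in a template holds a literal instead of an op:// reference. The function name check_template, the ALLOW_LITERAL list and the sample keys are assumptions.

```shell
# Added example: lint a secrets template before it is committed.
# check_template and ALLOW_LITERAL are hypothetical names.

# Keys that are not secrets and may keep a literal value (constructed list).
ALLOW_LITERAL="NODE_ENV LOG_LEVEL PORT"

check_template() {
  local file="$1" line key value n=0 bad=0
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    # Skip blank lines and comments.
    case "$line" in ''|'#'*) continue ;; esac
    line="${line#export }"
    case "$line" in
      *=*) ;;
      *) echo "$file:$n: not a KEY=VALUE line" >&2; bad=1; continue ;;
    esac
    key="${line%%=*}"
    value="${line#*=}"
    # Strip one pair of surrounding double quotes, if present.
    value="${value#\"}"; value="${value%\"}"
    # Accept a vault/item/field reference, bare or in {{ }} braces.
    case "$value" in
      op://*/*/*|'{{ op://'*/*/*' }}') continue ;;
    esac
    # Non-secret settings on the allowlist may stay literal.
    case " $ALLOW_LITERAL " in *" $key "*) continue ;; esac
    # Report the key and line number only, never the value itself.
    echo "$file:$n: $key holds a literal, expected op://vault/item/field" >&2
    bad=1
  done < "$file"
  return "$bad"
}

# Stand-alone use: sh check_template.sh .env.template
if [ "$#" -gt 0 ]; then check_template "$1"; fi
```

The same check can run in CI against .env.template, with the generated .env listed in .gitignore.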

3. Run a Process with Injected Secrets

You: "Run the database migration script with the production database URL from 1Password."

The agent executes op run --env-file .env -- npm run migrate, injecting secrets as environment variables for the duration of the process. Once the process exits, the secrets are no longer in memory.

4. List and Search Vault Items

You: "Show me all API keys in the Development vault."

The agent runs op item list --vault Development --tags api-key and returns a formatted list of matching items with their names, categories, and last modified dates.

Security & Best Practices

The 1Password skill accesses your most sensitive credentials. Follow these guidelines to stay safe:

  • Use least privilege. Grant vault-level access rather than full account access. Service accounts should only see the vaults they need.
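  • Prefer op run and op inject over op read. op run keeps secrets ephemeral: they exist only in the environment of the child process and are not written to disk or stored in shell history. op inject keeps secret values out of your templates and shell history, but a file written with -o contains real credentials, so restrict its permissions and keep it out of version control.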
  • Never paste secrets into logs, chat, or code. The skill is designed to inject secrets directly into processes, bypassing clipboard and terminal output.
  • Use service accounts for automation. Avoid using personal accounts in CI/CD pipelines. Service accounts provide scoped, auditable access.
  • Rotate service account tokens regularly. Set expiration dates when creating tokens and rotate them at least every 90 days.
  • Run op commands inside tmux. The skill enforces tmux-based workflows to prevent TTY failures and session drops during long-running operations.

Troubleshooting 1Password CLI Errors

"account is not signed in"

Your 1Password session has expired or was never established.

```bash
# Re-authenticate via desktop app
op signin

# Verify the session
op whoami
```

If you are using a service account, verify that OP_SERVICE_ACCOUNT_TOKEN is correctly set and has not expired.

"could not find item"

The requested item does not exist in the specified vault, or your account lacks access.

  1. Check the item name and vault with op item list --vault "Vault Name".
  2. Verify your account has read access to the vault.
  3. For service accounts, confirm the vault is included in the account's access policy.

"tmux not found" or TTY errors

The 1Password CLI requires a TTY for interactive sign-in. The skill uses tmux to maintain persistent sessions.

```bash
# Install tmux
# macOS
brew install tmux

# Ubuntu / Debian
sudo apt install tmux
```

After installing tmux, start a new session with tmux new -s op-session before running op signin.

FAQ

Yes, when configured with proper scoping. The recommended approach is to use a **service account** with read-only access to specific vaults rather than granting full account access. OpenClaw follows the confirmation model — vault operations require your approval before execution. Combined with 1Password's audit logging, every secret access is traceable and revocable.

Yes. The 1Password CLI supports multi-account workflows. Set the `OP_ACCOUNT` environment variable to specify a default account, or use the `--account` flag per command. The skill handles account switching automatically when you reference items in different vaults across accounts.

Both skills provide secret management, but they connect to different platforms. The [1Password skill](/skills/1password) uses the `op` CLI with desktop app integration, biometric unlock, and service accounts. The [Bitwarden](/skills/bitwarden) skill is ideal for self-hosted teams using Vaultwarden. Choose the one that matches your team's existing password manager. Both support runtime secret injection and follow the same zero-plaintext philosophy.

Related Skills

Bitwarden / Vaultwarden
Recommended

Access secrets via Bitwarden/Vaultwarden CLI and API.

GitGuardian ggshield
Recommended

Scan repositories for hardcoded secrets (500+ secret types).

Guardrails
Recommended

Apply safety guardrails around tool use and risky actions.
