1Password: Manage Your Vault With Clawdbot — via the op CLI
11,700+ downloads and 27 stars — the 1Password Skill connects Clawdbot to your 1Password vault through the official op CLI. Look up credentials, manage vault items, generate passwords, and audit your security posture — all from Clawdbot. The critical implementation detail that makes this work reliably: it requires a tmux session for all operations.
The Problem It Solves
1Password's op CLI is powerful but has a usability friction point: each time you open a fresh terminal and run an op command, it may prompt for biometric authentication (Touch ID, Apple Watch) or a master password again. In automated or AI-assisted workflows, this re-prompting breaks the flow every time a new shell is spawned.
The 1Password Skill solves this by routing all op commands through a persistent tmux session that maintains the op daemon connection. Once authenticated once in the tmux session, subsequent commands reuse the same authenticated context — no repeated prompts.
Why tmux Is Required
The op CLI maintains an authentication session daemon. When you run op in a fresh shell:
- A new
opprocess starts - It needs to authenticate with the daemon — which may require user interaction
- Once done, the shell exits and the session context may be lost
In a tmux session with a persistent pane:
- The
opdaemon stays connected across commands - Authentication from the first command persists
- All subsequent commands in the session reuse the same auth state
This is why the skill is designed around tmux — it's not optional, it's the architectural mechanism that makes seamless op usage possible.
Prerequisites
Install the op CLI
# macOS via Homebrew
brew install 1password-cli
# Verify
op --versionSign In
# Initial sign-in to your 1Password account
op signin
# Follow the prompts for biometric setupInstall the Skill
clawdhub install 1password
Three Secret Access Patterns
The op CLI provides three distinct ways to access secrets, each suited to different use cases:
op run — Inject into subprocess environment
# Runs a command with secrets injected as environment variables
# Never exposes the secret in the shell history
op run -- node server.js
op run -- python script.pyThe safest pattern for running processes that need secrets. The secret values are injected directly into the subprocess environment and never appear as shell arguments.
op inject — Template substitution
# Replace op:// references in a template with actual values
op inject -i config.template.yaml -o config.yamlUseful for generating configuration files from templates that contain op://vault/item/field references.
op read — Single secret retrieval
# Read a single secret value
op read "op://Personal/GitHub/password"
op read "op://Work/AWS/access-key-id"Direct, targeted access to a specific field. Use this when you need a value for a one-time operation.
Security rule: prefer op run or op inject over op read — they avoid writing secrets to logs or command history.
Usage
Looking Up Credentials
Get the password for my GitHub account from 1Password
What's the API key stored in my "Stripe Production" 1Password item?
Find the SSH key passphrase for my homelab server in 1Password
Creating and Managing Items
Create a new 1Password login item for my new staging server
Title: "Staging Server SSH"
Username: deploy
Password: generate a strong one
URL: staging.mycompany.com
Update the password for "AWS Root Account" in my Work vault
Add a note to the "Database Credentials" item: "rotated 2026-03-15"
Password Generation
Generate a strong 32-character password for my new database account
Create a passphrase with 5 words for an account that needs something memorable
Vault Audit
List all items in my Work vault that haven't been updated in over a year
Find any 1Password items with duplicate passwords
Show me all items in my vault that have weak passwords
The tmux Architecture in Practice
The skill manages tmux sessions internally:
# The skill creates a persistent tmux session for op commands:
tmux new-session -d -s op-session
# Commands are sent to the tmux pane:
tmux send-keys -t op-session "op item get 'GitHub' --fields password" Enter
# Output is captured from the pane
tmux capture-pane -t op-session -pThis pattern means:
- First
opcommand may trigger a biometric prompt in the tmux pane - All subsequent commands in the same session are instant
- The session persists for the duration of your Clawdbot session
You'll see a native Touch ID or password prompt the first time you use an op command — this is expected and required. After that, operations are seamless.
Security Model
1Password's CLI uses the system keychain and biometric authentication, not plaintext credentials. The skill never stores your master password. Key security properties:
- No plaintext credentials — the
opCLI handles all secret storage via 1Password's secure enclave integration - Session-scoped access — authentication is per-tmux-session; closing the session ends access
- Read/write scope — the skill can both read and write vault items; use 1Password's built-in permission system to restrict access if needed
- Biometric gating — the initial auth prompt ensures a human approved the session, even in automated workflows
Practical Tips
- Authenticate first — before running complex workflows, do a simple
op whoamivia Clawdbot to ensure the tmux session is authenticated and ready - Use vault-specific queries — if you have multiple vaults (Personal, Work, Team), specify the vault name explicitly to avoid ambiguity: "get the GitHub credentials from my Work vault"
- Batch credential lookups — instead of multiple requests, ask for several items at once: "get the credentials for GitHub, AWS, and Stripe from my Work vault"
- Audit workflows — use Clawdbot to run regular security audits: weak passwords, old items, duplicates — tasks that are tedious to do manually in the app
- Never log secrets — be careful when using Clawdbot to process credentials; avoid asking it to display raw secrets in chat history unless necessary
Considerations
- macOS only — the
opCLI with biometric integration requires macOS; Linux is supported without biometrics but the workflow differs - Homebrew required — installation is via
brew install 1password-cli; users on systems without Homebrew need to use the manual install path - tmux required — the skill's architecture depends on tmux; ensure it's installed (
brew install tmux) - 1Password account required — this skill only works if you're an active 1Password subscriber (Teams, Business, or Individual plans)
- Session timeouts — very long-running Clawdbot sessions may lose the
opauthentication after 1Password's session timeout; re-authenticate with a simple op command - Sensitive workflows — any workflow that exposes credentials should be carefully reviewed; prefer pulling only the specific fields you need rather than dumping full vault items
Comparison With Manual op CLI Usage
| Scenario | Manual op CLI | 1Password Skill |
|---|---|---|
| Quick credential lookup | Fast | Fast |
| Multi-step audit | Tedious | Natural language |
| Credential creation | Multiple flags | Conversational |
| Cross-vault search | Manual iteration | Single request |
| Batch operations | Shell scripting | Single prompt |
The Bigger Picture
The 1Password Skill represents a thoughtful approach to AI-assisted security tooling: instead of extracting credentials into Clawdbot's context (risky), it keeps secrets within op's secure enclave and surfaces only what's needed. The tmux architecture is an elegant engineering solution to a real limitation of the CLI tool. With 11,700+ downloads, this skill is proving that AI assistants can meaningfully assist with security workflows — not by being trusted with secrets, but by orchestrating the tools that securely hold them.
View the skill on ClawHub: 1password