1password

HarleyCoops's avatarfrom HarleyCoops

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.

0stars🔀0forks📁View on GitHub🕐Updated Jan 8, 2026
[Security Operations]

When & Why to Use This Skill

This Claude skill enables seamless integration with the 1Password CLI (op), allowing users to securely manage, inject, and retrieve secrets, automate authentication, and handle multi-account sign-ins directly within a terminal environment. It prioritizes security best practices by utilizing 'op run' and 'op inject' to prevent sensitive data from being exposed in logs or code.

Use Cases

  • Secure Secret Injection: Automatically inject credentials into environment variables or configuration files for local development or CI/CD pipelines without storing them in plain text.
  • Automated Sign-in Workflows: Streamline the authentication process for single or multiple 1Password accounts, including desktop app integration and session management.
  • Credential Management in Scripts: Use the 'op' CLI to programmatically read and manage vault items, ensuring that scripts remain secure and secrets are handled according to industry standards.
  • Persistent Terminal Sessions: Configure tmux-based environments to maintain 1Password authorization across multiple commands, reducing the need for repeated manual authentication prompts.
name1password
descriptionSet up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or reading/injecting/running secrets via op.
homepagehttps://developer.1password.com/docs/cli/get-started/
metadata{"clawdbot":{"emoji":"🔐","requires":{"bins":["op"]},"install":[{"id":"brew","kind":"brew","formula":"1password-cli","bins":["op"],"label":"Install 1Password CLI (brew)"}]}}

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)
  • references/cli-examples.md (real op examples)

Workflow

  1. Check OS + shell.
  2. Verify CLI present: op --version.
  3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked.
  4. Sign in / authorize this terminal: op signin (expect an app prompt).
  5. If multiple accounts: use --account or OP_ACCOUNT.
  6. Verify access: op whoami or op account list.

Avoid repeated auth prompts (tmux)

The bash tool uses a fresh TTY per command, so app integration may prompt every time. To reuse authorization, run multiple op commands inside a single tmux session.

Example (see tmux skill for socket conventions):

SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/clawdbot.sock"
SESSION=op-auth

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200

Guardrails

  • Never paste secrets into logs, chat, or code.
  • Prefer op run / op inject over writing secrets to disk.
  • If sign-in without app integration is needed, use op account add.
  • If a command returns "account is not signed in", re-run op signin and authorize in the app.