1password

The 1Password skill enables secure interaction with your vault directly from your terminal. Designed for engineers and automated agents, it facilitates the programmatic retrieval and injection of secrets without exposing sensitive data in logs or persistent storage. By leveraging the 1Password CLI (op), the skill ensures that your sensitive credentials remain encrypted and managed according to enterprise security standards. It is ideal for developers who need to authenticate services, access database strings, or manage API keys within CI/CD pipelines or local development environments.

• Perform secure sign-in and authentication using the official 1Password CLI binary.

• Inject environment variables or secret values directly into processes using op run or op inject.

• Manage multiple vaults and accounts with flexible configuration options.

• Integrate with desktop 1Password applications to streamline biometric or PIN-based unlocking workflows.

• List, retrieve, and filter items including passwords, notes, and API tokens.

• Always operate within a dedicated tmux session to maintain persistent, isolated TTY access for CLI prompts.

• Ensure the 1Password desktop application is installed, unlocked, and configured for CLI integration.

• Use op whoami to verify session status before initiating sensitive secret operations.

• Prioritize the use of op run to prevent plaintext secrets from being written to disk or logged.

• Avoid hard-coding or echoing credentials; utilize the CLI’s native pipe and injection capabilities.