Labsco
firecrawl logo

1password

✓ Official3

by firecrawl · part of firecrawl/openclaw

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or…

🔥🔥🔥✓ VerifiedFreeQuick setup
🧰 Not standalone. This skill ships with firecrawl/openclaw and only works together with that tool — install the tool first, then add this skill.

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or…

Inspect the full instructions your agent will receiveExpand

This is the exact playbook injected into your agent when the skill activates — shown here so you can audit it before installing. You don't need to read it to use the skill.

by firecrawl

Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in (single or multi-account), or… npx skills add https://github.com/firecrawl/openclaw --skill 1password Download ZIPGitHub3

1Password CLI

Follow the official CLI get-started steps. Don't guess install commands.

References

  • references/get-started.md (install + app integration + sign-in flow)

  • references/cli-examples.md (real op examples)

Workflow

  • Check OS + shell.

  • Verify CLI present: op --version.

  • Confirm desktop app integration is enabled (per get-started) and the app is unlocked.

  • REQUIRED: create a fresh tmux session for all op commands (no direct op calls outside tmux).

  • Sign in / authorize inside tmux: op signin (expect app prompt).

  • Verify access inside tmux: op whoami (must succeed before any secret read).

  • If multiple accounts: use --account or OP_ACCOUNT.

REQUIRED tmux session (T-Max)

The shell tool uses a fresh TTY per command. To avoid re-prompts and failures, always run op inside a dedicated tmux session with a fresh socket/session name.

Example (see tmux skill for socket conventions, do not reuse old session names):

Copy & paste — that's it
SOCKET_DIR="${OPENCLAW_TMUX_SOCKET_DIR:-${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/openclaw-tmux-sockets}}"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/openclaw-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"

tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
tmux -S "$SOCKET" kill-session -t "$SESSION"

Guardrails

  • Never paste secrets into logs, chat, or code.

  • Prefer op run / op inject over writing secrets to disk.

  • If sign-in without app integration is needed, use op account add.

  • If a command returns "account is not signed in", re-run op signin inside tmux and authorize in the app.

  • Do not run op outside tmux; stop and ask if tmux is unavailable.