This skill provides best-practice guidance and helper patterns for using the 1Password CLI (op) in automation and agent workflows. It explains safe access patterns, when to use secret references vs plaintext reads, how to run commands with injected secrets, and log/transcript hygiene to avoid leaking credentials.
Use this skill whenever an agent or automation needs to access secrets for builds, deploys, or runtime configuration. It's relevant for: running subprocesses that require credentials, creating local env files with secret references, reading item metadata safely, and designing unattended service accounts.
op run --env-file, using op read safely, extracting reference IDs, and auditing for accidental secret commits. Also includes troubleshooting and failure handling steps.This skill is applicable to agent runtimes that can shell out or run CLI tools and that support secret injection: Copilot/Codex-style agents, automation runners that use service accounts, and CLI-capable bots.
1Password CLI helper skill providing security-focused guidance for agent credential workflows. No bundled scripts — purely instructional SKILL.md covering op run, secret references, service accounts, and transcript hygiene. Well-structured with clear decision trees and failure handling. Strongly promotes least-privilege access and secret redaction, making it one of the more security-conscious skills audited.
Documentation-only skill with no executable scripts. Exceptional security posture — the skill itself teaches secure patterns and actively discourages secret exposure. Could benefit from a references/ directory with example .env.op files.