
from solana-clawd20
Instructions and guardrails for installing and using the 1Password CLI (`op`) safely inside a managed tmux session, with recommended workflows to avoid leaking
This skill documents safe usage patterns for the 1Password CLI (op) within an agent environment. It prescribes a required tmux-based workflow for executing op to avoid TTY/credential issues, shows verification steps (op --version, op whoami), and provides guardrails for handling multiple accounts and avoiding accidental secret exposure.
Use this skill whenever an agent needs to install, sign in, or interact with the 1Password CLI to read or inject secrets. It's intended for environments where the desktop app integration is available and the agent can create and control tmux sessions. Do not run op outside a dedicated tmux session; stop and ask if tmux is unavailable.
op --version, create dedicated tmux socket/session, sign in, run op whoami, use op run/op inject for secret execution, and capture results safely.Developer or ops-focused agents that can run shell commands and manage tmux sessions. This skill is security-sensitive and assumes the agent will avoid logging secrets and will follow the tmux guardrails.
1Password CLI skill with clear install, sign-in, and secret-access workflows. Enforces tmux session isolation for all op commands, which is a thoughtful security measure. No bundled scripts to test. SKILL.md is lean and references external docs. Guardrails are specific and practical.
Well-structured secrets management skill. The tmux-first approach is a good pattern for agents needing persistent TTY for interactive CLI auth. No security concerns — guardrails explicitly prevent secret leakage.