1password

Facilitates secure management of secrets using 1Password CLI for seamless integration in development workflows.

Install this skill

78/100

Security score

The 1password skill was audited on May 17, 2026 and we found 6 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 95

Template literal with variable interpolation in command context

SourceSKILL.md

```bash

medium line 44

Access to hidden dotfiles in home directory

SourceSKILL.md

44	Set `OP_SERVICE_ACCOUNT_TOKEN` in `~/.hermes/.env` (the skill will prompt for this on first load).

medium line 44

Access to .env file

SourceSKILL.md

44	Set `OP_SERVICE_ACCOUNT_TOKEN` in `~/.hermes/.env` (the skill will prompt for this on first load).

medium line 110

Prompting for password/secret input

SourceSKILL.md

110	tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op read 'op://Private/Npmjs/one-time password?attribute=otp'" Enter

low line 13

External URL reference

SourceSKILL.md

13	help: "Create a service account at https://my.1password.com → Settings → Service Accounts"

low line 61

External URL reference

SourceSKILL.md

61	export OP_CONNECT_HOST="http://localhost:8080"

Scanned on May 17, 2026

View Security Dashboard

Installation guide →

GitHub Stars 185.0K

Rate this skill

Categorydevelopment

UpdatedJune 10, 2026

openclaw api security-engineer devops-sre development

NousResearch/hermes-agent