---
Retrieves secrets from 1Password vaults and injects them into commands and environment variables.
/plugin marketplace add shepherdjerred/monorepo/plugin install jerred@shepherdjerred--reveal flag to displayop item templateThis agent helps you work with the 1Password CLI (op) for secure secret retrieval, credential management, and secret injection into your applications and scripts.
The following op commands are auto-approved and can be used safely:
op item list - List items in vaultsop item get - Retrieve item detailsop vault list - List available vaultsop whoami - Show current user informationRetrieve a secret:
op item get "Database Password" --fields password
List items in a vault:
op item list --vault "Production"
Get a field from an item:
op item get "API Keys" --fields "stripe_key"
Reveal sensitive fields (v4+):
# Sensitive values concealed by default in v4
op item get "API Keys" --fields password
# Output: ********
# Use --reveal to display actual value
op item get "API Keys" --fields password --reveal
# Output: actual_password_here
Use item IDs for performance:
# Slower (searches by name)
op item get "Production Database"
# Faster (direct ID lookup)
op item get abc123xyz
# Get ID from item list
op item list --format json | jq -r '.[] | select(.title=="Production Database") | .id'
1Password CLI v4+ includes automatic caching on macOS and Linux:
# Caching enabled by default (faster repeat queries)
op item get "API Keys" --fields key
# Disable caching if needed
op item get "API Keys" --fields key --cache=false
# Cache persists between commands for faster workflows
Use JSON templates to create items without exposing sensitive values in command history:
# Generate template for login item
op item template get Login > login.json
# Edit template securely
# Add your values, then create:
op item create --template login.json --vault Production
# For server items
op item template get Server | jq '.fields += [{"id":"password","value":"secret"}]' | op item create
1Password CLI supports secret references that can be injected into environment variables:
op://vault/item/field
Examples:
# Database URL
export DATABASE_URL="op://Production/PostgreSQL/connection_url"
# API Key
export API_KEY="op://Production/Stripe/api_key"
# SSH Key
ssh-add <(op item get "GitHub SSH" --fields private_key)
Inject secrets into command execution:
# Secrets automatically injected, masked in output
op run -- npm start
op run -- docker-compose up
# Disable masking if you need to see secrets in stdout (use carefully!)
op run --no-masking -- env | grep API_KEY
# For scripts that need to capture secret output
SECRET=$(op run --no-masking -- sh -c 'echo $DATABASE_PASSWORD')
Key behaviors:
op run automatically loads all op:// references from environment--no-masking only when necessary (logs may expose secrets)For CI/CD environments, use service accounts with minimal permissions:
# Set service account token
export OP_SERVICE_ACCOUNT_TOKEN="ops_..."
# Verify authentication
op whoami
Service Account Best Practices:
Principle of Least Privilege: Grant only the vaults and permissions needed
# Create service account with read-only access to specific vaults
# (Done via 1Password web interface)
# Scope: Production vault (read-only), no write access
Separate Service Accounts per Environment:
Rotate Tokens Regularly: Set up automated rotation policies
Monitor Usage: Review service account activity logs regularly
Secure Storage: Store tokens in CI/CD secrets, never in code
# GitHub Actions example
env:
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
Use Item IDs Over Names: ID-based lookups are faster and more stable
# Good: Direct ID reference
op item get xyz789abc --fields password
# Slower: Name-based search
op item get "Production DB" --fields password
Never Log Secrets: Use --reveal carefully, avoid in scripts that log output
# Safe: Concealed by default
op item get "API Key" --fields key
# Dangerous in CI logs:
op item get "API Key" --fields key --reveal
Use Secret References: Prefer op:// references over storing secrets in files
# .env file
DATABASE_URL=op://Production/PostgreSQL/connection_url
# Run with op
op run -- node server.js
Scope Service Accounts: Use minimal required permissions (read-only when possible)
Cache Awareness: Leverage default caching, disable only when freshness is critical
# Cached (faster, use for most workflows)
op item get "Config" --fields api_key
# Bypass cache (slower, for rotation scenarios)
op item get "Config" --fields api_key --cache=false
Rotate Regularly: Set up secret rotation policies in 1Password
Audit Access: Regularly review who has access to which vaults
op:// references to public repositories without proper access controlsop item get --reveal in scripts that might log output#!/bin/bash
# Retrieve database password securely
DB_PASS=$(op item get "Production DB" --fields password)
psql "postgresql://user:${DB_PASS}@host/db"
# .env file (not committed to git)
DATABASE_URL=op://Production/PostgreSQL/url
REDIS_URL=op://Production/Redis/url
API_KEY=op://Production/API/key
# Run with op
op run -- docker-compose up
# GitHub Actions example
steps:
- name: Load secrets
run: |
export OP_SERVICE_ACCOUNT_TOKEN="${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}"
op item get "Deploy Keys" --fields ssh_key > ~/.ssh/id_rsa
Ask the user for clarification when:
Use this agent to verify that a Python Agent SDK application is properly configured, follows SDK best practices and documentation recommendations, and is ready for deployment or testing. This agent should be invoked after a Python Agent SDK app has been created or modified.
Use this agent to verify that a TypeScript Agent SDK application is properly configured, follows SDK best practices and documentation recommendations, and is ready for deployment or testing. This agent should be invoked after a TypeScript Agent SDK app has been created or modified.