From agi-super-team
Manages API keys and secrets using Pass (Password Store) with GPG encryption and Git sync. Supports insert, edit, delete, generate, and clipboard copy.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agi-super-team:pass-secretsThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
使用 Pass (Password Store) 统一管理所有 API 密钥和敏感凭证。Pass 基于 GPG 加密,支持 Git 同步,安全可靠。
使用 Pass (Password Store) 统一管理所有 API 密钥和敏感凭证。Pass 基于 GPG 加密,支持 Git 同步,安全可靠。
pass
# 或
pass ls
pass api/openai # 显示密钥
pass -c api/openai # 复制到剪贴板
pass insert api/new-service
# 或多行
pass insert -m api/new-service
pass edit api/openai
pass rm api/old-service
pass generate api/new-token 32
~/.password-store/
├── api/ # API 密钥
│ ├── openrouter-vip.gpg
│ ├── zai.gpg
│ ├── anapi.gpg
│ └── github-copilot.gpg
├── tokens/ # 访问令牌
│ ├── telegram-bot.gpg
│ └── github.gpg
├── cloud/ # 云服务凭证
│ ├── aws.gpg
│ └── gcp.gpg
└── services/ # 其他服务
└── docker.gpg
pass git init
pass git remote add origin [email protected]:用户名/password-store.git
pass git push -u origin master
pass git pull # 拉取
pass git push # 推送
# 1. 导入 GPG 密钥
gpg --import private-key.asc
# 2. 克隆仓库
git clone [email protected]:用户名/password-store.git ~/.password-store
创建 ~/.openclaw/scripts/start-with-pass.sh:
#!/bin/bash
# 从 Pass 加载密钥并启动 OpenClaw
export ZAI_API_KEY=$(pass api/zai)
export OPENROUTER_VIP_API_KEY=$(pass api/openrouter-vip)
exec openclaw gateway "$@"
# 生成 .env 文件(临时使用)
pass api/zai | xargs -I {} echo "ZAI_API_KEY={}" > /tmp/openclaw.env
pass api/openrouter-vip | xargs -I {} echo "OPENROUTER_VIP_API_KEY={}" >> /tmp/openclaw.env
# 使用
source /tmp/openclaw.env && openclaw gateway
在 ~/.bashrc 或 ~/.zshrc 中添加:
# OpenClaw 密钥
alias openclaw-start='ZAI_API_KEY=$(pass api/zai) OPENROUTER_VIP_API_KEY=$(pass api/openrouter-vip) openclaw gateway'
| 命令 | 说明 |
|---|---|
pass | 列出所有密钥 |
pass api/xxx | 显示密钥 |
pass -c api/xxx | 复制到剪贴板 |
pass insert api/xxx | 添加密钥 |
pass edit api/xxx | 编辑密钥 |
pass rm api/xxx | 删除密钥 |
pass mv api/old api/new | 重命名 |
pass cp api/xxx api/backup | 复制 |
pass find xxx | 搜索 |
pass generate api/xxx 32 | 生成随机密钥 |
pass git pull | 同步拉取 |
pass git push | 同步推送 |
# 导出私钥(安全保存!)
gpg --export-secret-keys --armor 你的邮箱 > gpg-private.asc
# 导出公钥
gpg --export --armor 你的邮箱 > gpg-public.asc
# 更新密钥
pass edit api/openai
# 查看修改历史
pass git log --oneline
# 检查密钥
gpg --list-secret-keys
# 重新导入
gpg --import private-key.asc
pass git status
pass git stash
pass git pull
pass git stash pop
chmod 700 ~/.password-store
chmod 600 ~/.password-store/**/*.gpg
GPG 密钥: 5F845B8E1B6C5C52 (DL <REDACTED_EMAIL>)
已存储的密钥:
api/openrouter-vip - OpenRouter VIP APIapi/zai - 智谱 AI APIapi/anapi - Anapi Claude APItokens/telegram-bot - Telegram Bot Tokentokens/github-copilot - GitHub Copilot Token由小a创建和维护
npx claudepluginhub aaaaqwq/agi-super-team --plugin agi-super-teamManages passwords and API credentials using 1Password CLI (op). Saves, queries, reads secrets, and injects them as environment variables into scripts.
Retrieves passwords, secure notes, secrets, and TOTP codes from Dashlane vault via CLI. Useful for automating credential lookups in development or deployment scripts.
Manages API key rotation across providers by updating pass vault entries, rebuilding environment files, and restarting gateway processes.