From openclaw-1password
This skill provides guided setup, diagnosis, and repair for securing OpenClaw with 1Password service accounts and SecretRef exec providers. Triggers when users ask to "set up 1Password with OpenClaw", "fix OpenClaw secrets", "repair OpenClaw gateway", "secure OpenClaw after update", "migrate from ${VAR} to SecretRef", "debug OpenClaw secret resolution", "configure SecretRef exec provider", or reference openclaw-1p-setup.sh, gateway token issues, the gateway.auth.token exception, TCC prompts from op, or durable secret management after OpenClaw updates.
How this skill is triggered: by the user, by Claude, or both.
Slash command: `/openclaw-1password:1password-openclaw`
The summary Claude sees in its skill listing (used to decide when to auto-load this skill):
Provide guided setup, diagnosis, adaptation, and repair for securing OpenClaw with 1Password service accounts using direct-op SecretRef exec providers.
This skill was authored against OpenClaw 2026.3.2. The user's version may be newer. Before taking any action:
- Run `openclaw --version` and `op --version` to establish the user's exact versions
- Run `openclaw secretref --help` or `openclaw help` to discover the current CLI surface (commands may have been added, renamed, or removed)
- Read `~/.openclaw/openclaw.json` to see the current config schema (new fields, renamed keys, or structural changes indicate version drift)
The golden rules that transcend any version:
- Providers call `op` directly with `jsonOnly: false`. No custom resolver script needed.
- Secrets in `~/.openclaw/.env` (chmod 600) are durable because they live outside OpenClaw's config management
- The `gateway.auth.token` exception may eventually be resolved (#29183); check before assuming it still applies
- The TCC-prevention env vars ensure `op` runs headlessly
For detailed version adaptation guidance, consult references/version-adaptation.md.
Each secret gets its own provider entry that calls op read directly. No custom resolver script, no custom JSON protocol. The providers use jsonOnly: false and allowSymlinkCommand: true with trustedDirs: ["/opt/homebrew"] to handle Homebrew symlinks.
Key files (once set up):
| File | Purpose |
|---|---|
| `~/.openclaw/.env` | 1Password env vars: token + 3 TCC-prevention vars (chmod 600) |
| `~/.openclaw/openclaw.json` | Config with per-secret providers and SecretRef objects |
Deprecated files (no longer needed):
| File | Status |
|---|---|
| `~/.openclaw/bin/op-resolver.sh` | Replaced by direct `op` calls |
| `~/.openclaw/bin/launch-gateway.sh` | Replaced by plist EnvironmentVariables |
| `~/.openclaw/.op-token` | Replaced by `~/.openclaw/.env` |
The one exception (as of 2026.3.2): gateway.auth.token does not support SecretRef (blocked by #29183, Zod validation ordering bug). It uses ${OPENCLAW_GATEWAY_TOKEN} resolved into the plist EnvironmentVariables. Verify this is still the case on the user's version.
Before running any scripts, understand the local setup. Run these checks:
```bash
openclaw --version   # Note exact version
op --version         # Need 1Password CLI
jq --version         # Required by setup script
uname -s             # macOS vs Linux
```
Read the current config to understand what secrets exist and their current state:
- Read `~/.openclaw/openclaw.json` and identify all credential fields
- Note which of them still use `${VAR}` references and which already use SecretRef objects
- Check whether `~/.openclaw/.env` exists (indicates partial/complete setup)
- Check whether `~/.openclaw/bin/op-resolver.sh` exists (indicates old architecture, needs migration)
For detailed architecture, design decisions, the 4 TCC-prevention env vars, cross-platform setup, and manual step-by-step instructions, consult references/architecture.md.
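The config inventory above can be scripted. The following is an added example, not part of the openclaw-1password skill or its setup script: it parses an `openclaw.json`, classifies every credential field as a SecretRef, a `${VAR}` reference, or a plaintext value, and lists what still needs migrating while honouring the `gateway.auth.token` exception. The SecretRef shape (`"source": "exec"` plus a `provider` name that must exist under `secrets.providers`) is taken from this page; the `CREDENTIAL_KEYS` heuristic and the sample config (including the `channels.discord.token` and `channels.slack.token` paths) are constructed for the demo.

```python
"""Inventory credential fields in an openclaw.json before migration (added example)."""
import json
import re

# A ${VAR} reference as used by the old architecture.
ENV_REF = re.compile(r"^\$\{([A-Z0-9_]+)\}$")

# Heuristic: which keys hold credentials. Extend for the user's config (assumption).
CREDENTIAL_KEYS = {"token", "apiKey", "api_key", "password", "secret", "credential"}

# Constructed sample config: one field per state. The channel paths are invented.
SAMPLE_CONFIG = json.dumps({
    "gateway": {"auth": {"token": "${OPENCLAW_GATEWAY_TOKEN}"}},
    "channels": {
        "discord": {"token": {"source": "exec", "provider": "discord-token", "id": "discord-token"}},
        "slack": {"token": "xoxb-plaintext-example"},
    },
    "secrets": {"providers": {"discord-token": {"source": "exec", "command": "/opt/homebrew/bin/op"}}},
})


def classify(value, providers):
    """Return secretref, secretref-missing-provider, env-ref, or plaintext."""
    if isinstance(value, dict) and value.get("source") == "exec":
        return "secretref" if value.get("provider") in providers else "secretref-missing-provider"
    if isinstance(value, str) and ENV_REF.match(value):
        return "env-ref"
    return "plaintext"


def _walk(node, path, providers, out):
    """Recursively collect credential fields; skip the provider definitions themselves."""
    if isinstance(node, dict):
        for key, val in node.items():
            child = f"{path}.{key}" if path else key
            if child.startswith("secrets.providers"):
                continue
            is_ref = isinstance(val, dict) and val.get("source") == "exec"
            if key in CREDENTIAL_KEYS and (isinstance(val, str) or is_ref):
                out[child] = classify(val, providers)
            else:
                _walk(val, child, providers, out)
    elif isinstance(node, list):
        for i, val in enumerate(node):
            _walk(val, f"{path}[{i}]", providers, out)


def inventory(config_text):
    """Map dotted config path -> state for every credential field."""
    cfg = json.loads(config_text)
    providers = set(cfg.get("secrets", {}).get("providers", {}))
    out = {}
    _walk(cfg, "", providers, out)
    return out


def migration_candidates(inv, allowed_env_refs=("gateway.auth.token",)):
    """Fields still needing work. gateway.auth.token may keep its ${VAR} (page's exception)."""
    return sorted(
        path for path, state in inv.items()
        if state in ("plaintext", "secretref-missing-provider")
        or (state == "env-ref" and path not in allowed_env_refs)
    )


if __name__ == "__main__":
    inv = inventory(SAMPLE_CONFIG)
    print(json.dumps(inv, indent=2))
    print("to migrate:", migration_candidates(inv))
```

Run it against the real file with `inventory(open(os.path.expanduser("~/.openclaw/openclaw.json")).read())`; anything reported as `plaintext` or `secretref-missing-provider` is a finding, and an `env-ref` outside `gateway.auth.token` means the old `${VAR}` architecture is still in use.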
The setup script at scripts/openclaw-1p-setup.sh handles standard setups. For non-standard environments, adapt before running:
Common adaptations needed:
- `op` path: update provider `command` fields. Find it with `which op`.
- `trustedDirs`: match to where `op` actually lives on the system.
- Vault item names: items are named `openclaw-<service>` with field `credential`. Adapt the `PATH_TO_ITEM_NAME` map in the setup script if the user's vault uses different names.
- Linux (systemd unit instead of a LaunchAgent plist): set the env vars with `Environment=` directives.
- Docker: supply `OP_SERVICE_ACCOUNT_TOKEN` and the TCC vars via Docker secrets or env. Set `trustedDirs` to match container paths.
- Newer OpenClaw (check `openclaw --version`): patch version checks, config paths, or CLI commands that have changed.
Read scripts/openclaw-1p-setup.sh before running to verify paths and version assumptions match the user's system. Patch anything that doesn't match.
Fresh setup: Run scripts/openclaw-1p-setup.sh setup interactively. It handles: prerequisite checks, vault creation, .env file creation, secret migration, per-secret provider generation, LaunchAgent repair, and verification.
After OpenClaw update: Run scripts/openclaw-1p-setup.sh repair. This fixes the LaunchAgent plist that openclaw gateway install clobbers: node path, ThrottleInterval, 1Password env vars, and OPENCLAW_GATEWAY_TOKEN.
Verification only: Run scripts/openclaw-1p-setup.sh verify for a health check.
Manual migration: If the user prefers manual control, follow the step-by-step process in references/tutorial.md and use examples/openclaw-secretref-config.json as a reference.
After setup, verify with scripts/openclaw-1p-setup.sh verify. For failures, consult references/troubleshooting.md which covers every known failure mode with exact diagnostic commands.
If the verify script itself fails on a newer OpenClaw version (e.g., CLI output format changed), consult references/version-adaptation.md for how to adapt the checks.
Each secret gets a provider entry calling `op read` directly:
```json
{
  "secrets": {
    "providers": {
      "discord-token": {
        "source": "exec",
        "command": "/opt/homebrew/bin/op",
        "args": ["read", "op://OpenClaw Secrets/openclaw-discord/credential", "--no-newline"],
        "allowSymlinkCommand": true,
        "trustedDirs": ["/opt/homebrew"],
        "passEnv": [
          "OP_SERVICE_ACCOUNT_TOKEN",
          "OP_BIOMETRIC_UNLOCK_ENABLED",
          "OP_NO_AUTO_SIGNIN",
          "OP_LOAD_DESKTOP_APP_SETTINGS"
        ],
        "jsonOnly": false,
        "timeoutMs": 15000
      }
    }
  }
}
```
And the corresponding SecretRef on the credential field:
```json
"token": {
  "source": "exec",
  "provider": "discord-token",
  "id": "discord-token"
}
```
All paths must be absolute. Adapt command and trustedDirs to the user's system. If the provider schema has changed in the user's version, check openclaw help secretref or the OpenClaw docs for current field names.
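The provider rules stated on this page (absolute `command`, `jsonOnly: false`, `trustedDirs` covering the `op` location when `allowSymlinkCommand` is set, the four `passEnv` vars, `--no-newline`, a `timeoutMs`, the `.env` at mode 600, and no SecretRef on `gateway.auth.token`) can be checked mechanically. This is an added example, not the skill's own `verify` step: the field names come from the provider JSON above, while the good/bad sample providers and the temporary `.env` used by `demo_env_check` are constructed.

```python
"""Lint per-secret exec providers and the .env file against this page's rules (added example)."""
import json
import os
import stat
import tempfile

# The four env vars every provider must pass through (from the provider JSON on this page).
REQUIRED_PASS_ENV = {
    "OP_SERVICE_ACCOUNT_TOKEN",
    "OP_BIOMETRIC_UNLOCK_ENABLED",
    "OP_NO_AUTO_SIGNIN",
    "OP_LOAD_DESKTOP_APP_SETTINGS",
}


def lint_provider(name, p):
    """Return a list of problems; an empty list means the provider follows the rules."""
    problems = []
    cmd = p.get("command", "")
    if not os.path.isabs(cmd):
        problems.append(f"{name}: command must be an absolute path, got {cmd!r}")
    if p.get("source") != "exec":
        problems.append(f"{name}: source must be 'exec'")
    if p.get("jsonOnly") is not False:
        problems.append(f"{name}: jsonOnly must be false, op read prints a bare value")
    trusted = p.get("trustedDirs", [])
    if p.get("allowSymlinkCommand") and not any(cmd.startswith(d.rstrip("/") + "/") for d in trusted):
        problems.append(f"{name}: allowSymlinkCommand is true but no trustedDirs entry covers {cmd}")
    missing = REQUIRED_PASS_ENV - set(p.get("passEnv", []))
    if missing:
        problems.append(f"{name}: passEnv missing {sorted(missing)}")
    args = p.get("args") or []
    if not args or args[0] != "read" or not any(a.startswith("op://") for a in args):
        problems.append(f"{name}: args should be ['read', 'op://vault/item/field', ...]")
    if "--no-newline" not in args:
        problems.append(f"{name}: add --no-newline so a trailing newline is not stored in the secret")
    if not isinstance(p.get("timeoutMs"), int) or p["timeoutMs"] <= 0:
        problems.append(f"{name}: set a positive timeoutMs so a hung op cannot block startup")
    return problems


def lint_config(config_text):
    """Lint every provider plus the gateway.auth.token exception (#29183, as of 2026.3.2)."""
    cfg = json.loads(config_text)
    problems = []
    for name, p in cfg.get("secrets", {}).get("providers", {}).items():
        problems.extend(lint_provider(name, p))
    gw = cfg.get("gateway", {}).get("auth", {}).get("token")
    if isinstance(gw, dict) and gw.get("source") == "exec":
        problems.append("gateway.auth.token: SecretRef unsupported as of 2026.3.2 (#29183); use ${OPENCLAW_GATEWAY_TOKEN}")
    return problems


def env_file_problems(path):
    """The .env holding OP_SERVICE_ACCOUNT_TOKEN must be mode 0600 (owner read/write only)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return [] if mode == 0o600 else [f"{path}: mode {oct(mode)}, expected 0o600"]


def demo_env_check():
    """Constructed demo: a temporary .env at 0644 fails the check, at 0600 it passes."""
    fd, path = tempfile.mkstemp(suffix=".env")
    os.close(fd)
    try:
        os.chmod(path, 0o644)
        loose = env_file_problems(path)
        os.chmod(path, 0o600)
        tight = env_file_problems(path)
    finally:
        os.unlink(path)
    return (len(loose) == 1, tight == [])


# Constructed samples: the page's provider, and one breaking several rules at once.
GOOD = {"source": "exec", "command": "/opt/homebrew/bin/op",
        "args": ["read", "op://OpenClaw Secrets/openclaw-discord/credential", "--no-newline"],
        "allowSymlinkCommand": True, "trustedDirs": ["/opt/homebrew"],
        "passEnv": sorted(REQUIRED_PASS_ENV), "jsonOnly": False, "timeoutMs": 15000}
BAD = {"source": "exec", "command": "op",  # relative: resolved through PATH, not pinned
       "args": ["read", "op://OpenClaw Secrets/openclaw-slack/credential"],
       "allowSymlinkCommand": True, "trustedDirs": [],
       "passEnv": ["OP_SERVICE_ACCOUNT_TOKEN"], "jsonOnly": True}
SAMPLE_CONFIG = json.dumps({"secrets": {"providers": {"discord-token": GOOD, "slack-token": BAD}}})

if __name__ == "__main__":
    for line in lint_config(SAMPLE_CONFIG):
        print(line)
    print("env check (0644 flagged, 0600 clean):", demo_env_check())
```

Point `lint_config` at the real `~/.openclaw/openclaw.json` and `env_file_problems` at `~/.openclaw/.env` after every `setup` or `repair` run; a relative `command` or an empty `trustedDirs` with `allowSymlinkCommand: true` is the kind of drift that silently turns a pinned binary into a PATH lookup.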
- Migrate `${VAR}` references to SecretRef objects.
- The `.env` file must be chmod 600. Verify after any operation that touches it.
- `gateway.auth.token`: keep `${OPENCLAW_GATEWAY_TOKEN}` for this field. Check if this restriction has been lifted in the user's version (#29183).
- The `.env` file must set `OP_SERVICE_ACCOUNT_TOKEN`, `OP_BIOMETRIC_UNLOCK_ENABLED=false`, `OP_NO_AUTO_SIGNIN=true`, `OP_LOAD_DESKTOP_APP_SETTINGS=false`.
- After `openclaw gateway install` or `openclaw update`: always run `repair`. The plist gets regenerated.
- Test `op` by hand: `source ~/.openclaw/.env && op read "op://..."` and verify it returns values.
Bundled files:
- references/architecture.md - Direct-op architecture, TCC prevention, cross-platform notes, and manual setup
- references/troubleshooting.md - Every known failure mode with diagnostic commands and fixes
- references/version-adaptation.md - How to handle version differences, what to verify on newer OpenClaw releases
- references/tutorial.md - Complete step-by-step tutorial for manual setup
- scripts/openclaw-1p-setup.sh - Setup/repair/verify automation
- scripts/op-resolver-template.sh - DEPRECATED. Kept for reference only.
- examples/openclaw-secretref-config.json - Example openclaw.json with per-secret providers for 7 common credentials
Install: `npx claudepluginhub drewburchfield/openclaw-1password --plugin openclaw-1password`