Agent skill
reading-op-secrets
Reads secrets from 1Password using the op CLI. Use when the user needs to retrieve passwords, API keys, credentials, documents, or one-time passwords stored in 1Password. Supports reading items by name or ID, extracting specific fields, listing vault contents, and reading secret references.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/op-secrets-reader
SKILL.md
Overview
This skill enables agents to read secrets from 1Password using the op CLI. It supports comprehensive read operations including full items, specific fields, documents, attachments, and one-time passwords.
The skill assumes the op CLI is installed and the user is already authenticated.
Table of Contents
Supported Operations
| Operation | Use Case |
|---|---|
| Get Item | Retrieve complete item with all fields |
| Get Field | Extract specific field value(s) |
| List Items | Browse items in vault(s) |
| Get Document | Retrieve document content |
| Get OTP | Get current one-time password |
| Read Reference | Read using op:// secret reference |
Workflow
Phase 1: Context Assessment
Step 1: Understand the Request
Determine what the user needs:
-
Identify the secret type:
- Specific item (name or ID known)
- Specific field from an item
- List of items (browsing/searching)
- Document content
- One-time password
- Secret reference (
op://URI)
-
Identify scope:
- Specific vault or search all vaults
- Any filtering criteria (tags, categories)
-
Clarify if needed:
- If item name is ambiguous, ask for vault or use item ID
- If multiple fields could match, ask which specific field
Phase 2: Secret Retrieval
Step 2: Execute the Appropriate Command
Based on the context assessment, execute the appropriate op command.
See op CLI Read Command Reference for complete command syntax.
Get Complete Item:
op item get "<item-name>" --format json
Get Specific Field:
op item get "<item-name>" --fields "<field-name>" --format json
List Items:
op item list [--vault "<vault>"] [--categories <category>] --format json
Get Document:
op document get "<document-name>"
Get OTP:
op item get "<item-name>" --otp
Read Secret Reference:
op read "op://<vault>/<item>/<field>"
Step 3: Parse and Present Results
- Parse JSON output (when using
--format json) - Extract relevant information based on user's request
- Present clearly:
- For single values: provide the value directly
- For items: summarize fields, highlight requested data
- For lists: present in table format with key metadata
See Output Schemas Reference for JSON structure details.
Step 4: Handle Errors
Common errors and resolutions:
| Error | Resolution |
|---|---|
item not found |
Verify item name, try listing items in vault |
vault not found |
List available vaults with op vault list |
more than one item matches |
Use item ID instead of name, or specify vault |
field not found |
List item fields with full op item get |
Reference Documentation
- op CLI Read Command Reference - Complete command syntax for all read operations
- Output Schemas Reference - JSON output structure examples
Didn't find tool you were looking for?