From 48d52d13f1a1663eb6f623f34f6550cac1bd08eb Mon Sep 17 00:00:00 2001 From: Peter Steinberger Date: Tue, 6 Jan 2026 01:30:48 +0100 Subject: [PATCH] docs: clarify 1password tmux flow --- skills/1password/SKILL.md | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/skills/1password/SKILL.md b/skills/1password/SKILL.md index 35bcb5a34..7aea6b8c1 100644 --- a/skills/1password/SKILL.md +++ b/skills/1password/SKILL.md @@ -18,13 +18,32 @@ Follow the official CLI get-started steps. Don't guess install commands. 1. Check OS + shell. 2. Verify CLI present: `op --version`. -3. Enable desktop app integration in 1Password app (per get-started). -4. Sign in: `op signin`. +3. Confirm desktop app integration is enabled (per get-started) and the app is unlocked. +4. Sign in / authorize this terminal: `op signin` (expect an app prompt). 5. If multiple accounts: use `--account` or `OP_ACCOUNT`. 6. Verify access: `op whoami` or `op account list`. +## Avoid repeated auth prompts (tmux) + +The bash tool uses a fresh TTY per command, so app integration may prompt every time. To reuse authorization, run multiple `op` commands inside a single tmux session. + +Example (see `tmux` skill for socket conventions): + +```bash +SOCKET_DIR="${CLAWDBOT_TMUX_SOCKET_DIR:-${TMPDIR:-/tmp}/clawdbot-tmux-sockets}" +mkdir -p "$SOCKET_DIR" +SOCKET="$SOCKET_DIR/clawdbot.sock" +SESSION=op-auth + +tmux -S "$SOCKET" new -d -s "$SESSION" -n shell +tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op signin --account my.1password.com" Enter +tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op vault list" Enter +tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200 +``` + ## Guardrails - Never paste secrets into logs, chat, or code. - Prefer `op run` / `op inject` over writing secrets to disk. - If sign-in without app integration is needed, use `op account add`. +- If a command returns "account is not signed in", re-run `op signin` and authorize in the app.