1password
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill correctly implements 1Password management functionality using the official onepassword-sdk for Python and the op CLI for TypeScript/Bun.
- [SAFE]: The tools manage secrets as intended, providing controlled methods to create, list, and export environment variables without unauthorized data exfiltration or credential exposure. Sensitive values are handled using the CONCEALED field type in 1Password.
- [SAFE]: Documentation and metadata are accurate and align with the skill's functionality. The inclusion of the author's specific vault inventory in documentation is consistent with the provided user context and serves as a personalized reference.
- [SAFE]: Shell scripts included for setup (GitHub CLI plugin and service account configuration) use standard authentication patterns and do not perform suspicious background operations or privilege escalation.
- [SAFE]: All external dependencies are well-known, official packages from trusted registries (PyPI and NPM).
Audit Metadata