1password
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is to facilitate the use of the official 1Password CLI for secret management. It directs the user to official documentation and uses well-known tools like Homebrew for installation.
- [COMMAND_EXECUTION]: The skill executes shell commands to interact with the 1Password CLI and manages sessions via tmux. This behavior is consistent with the stated purpose of providing a CLI interface and includes logic to handle the interactive authentication requirements of the 'op' tool.
- [EXTERNAL_DOWNLOADS]: Provides instructions to install the '1password-cli' package through Homebrew, a well-known and trusted package management service.
- [PROMPT_INJECTION]: While the skill retrieves external data (secrets) that could theoretically contain malicious instructions (indirect prompt injection), it includes explicit guardrails to mitigate this risk, such as advising the agent to never paste secrets into logs, chat, or code, and preferring 'op run' or 'op inject' to avoid writing secrets to the file system.
- [DATA_EXFILTRATION]: No patterns of unauthorized data exfiltration were detected. The skill is designed to retrieve secrets into the agent's environment for legitimate use (e.g., injecting into configuration files or environment variables) as requested by the user.
Audit Metadata