陌讯skills聚合平台

bitwarden-secrets

📁 leto-labs/openclaw-bootstrap-config 📅 4 days ago
4
总安装量
4
周安装量
#53821
全站排名
安装命令
npx skills add https://github.com/leto-labs/openclaw-bootstrap-config --skill bitwarden-secrets

Agent 安装分布

opencode 4
gemini-cli 4
claude-code 4
github-copilot 4
amp 4
codex 4

Skill 文档

Bitwarden Secrets

Manage credentials in Bitwarden Secrets Manager using bws.

What this skill does

  1. Set up and verify Bitwarden Secrets Manager access (bws, BWS_ACCESS_TOKEN)
  2. Create/update/list/delete secrets safely
  3. Sync secrets between Bitwarden projects and .env files in either direction
  4. Guide runtime usage (bws run vs on-demand fetch)
  5. Enforce secret-safety guardrails

Safety requirements (non-negotiable)

  • Never print secret values in chat responses.
  • Never commit secrets to git.
  • Report only key names and operation results (created/updated/deleted).
  • Treat management/super tokens as restricted credentials.

See references/security.md for full guardrails.

Quick workflow

1) Verify prerequisites

  • bws installed
  • jq available
  • BWS_ACCESS_TOKEN set

If not, install and configure before proceeding.

2) Sync local env file to Bitwarden project

Run:

scripts/bws_env_sync.sh env-to-bws --project <project-name> --env-file <path-to-env> --create-project

3) Sync Bitwarden project back into env file

Run:

scripts/bws_env_sync.sh bws-to-env --project <project-name> --env-file <path-to-env> --create-env

4) Optional key filtering

scripts/bws_env_sync.sh env-to-bws --project <project-name> --env-file <path-to-env> --keys KEY_A,KEY_B
scripts/bws_env_sync.sh bws-to-env --project <project-name> --env-file <path-to-env> --keys KEY_A,KEY_B

5) Verify without exposing values

Use bws secret list <project-id> -o table and report only key names.

Runtime patterns

Pattern A: wrapper injection

bws run -- <command>

Pattern B: on-demand fetch (preferred for least privilege)

  • Keep only BWS_ACCESS_TOKEN in runtime env
  • Fetch specific secret when needed via bws secret get

Use Pattern B for worker pools that should not see all secrets.

References

  • references/operations.md — command patterns for project + .env sync
  • references/security.md — guardrails, rotation, incident response
  • scripts/bws_env_sync.sh — generic .env <-> Bitwarden sync helper
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。