Hermes-agent 1password
Set up and use 1Password CLI (op). Use when installing the CLI, enabling desktop app integration, signing in, and reading/injecting secrets for commands.
install
source · Clone the upstream repo
git clone https://github.com/NousResearch/hermes-agent
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/NousResearch/hermes-agent "$T" && mkdir -p ~/.claude/skills && cp -r "$T/optional-skills/security/1password" ~/.claude/skills/nousresearch-hermes-agent-1password-f01b86 && rm -rf "$T"
manifest:
optional-skills/security/1password/SKILL.md
source content
1Password CLI
Use this skill when the user wants secrets managed through 1Password instead of plaintext env vars or files.
Requirements
- 1Password account
- 1Password CLI (op) installed
- One of: desktop app integration, service account token (OP_SERVICE_ACCOUNT_TOKEN), or Connect server
- tmux available for stable authenticated sessions during Hermes terminal calls (desktop app flow only)
When to Use
- Install or configure 1Password CLI
- Sign in with op signin
- Read secret references like op://Vault/Item/field
- Inject secrets into config/templates using op inject
- Run commands with secret env vars via op run
Authentication Methods
Service Account (recommended for Hermes)
Set OP_SERVICE_ACCOUNT_TOKEN in ~/.hermes/.env (the skill will prompt for this on first load).
No desktop app needed. Supports op read, op inject, op run.
export OP_SERVICE_ACCOUNT_TOKEN="your-token-here"
op whoami # verify — should show Type: SERVICE_ACCOUNT
Desktop App Integration (interactive)
- Enable in 1Password desktop app: Settings → Developer → Integrate with 1Password CLI
- Ensure app is unlocked
- Run op signin and approve the biometric prompt
Connect Server (self-hosted)
export OP_CONNECT_HOST="http://localhost:8080"
export OP_CONNECT_TOKEN="your-connect-token"
Setup
- Install CLI:
# macOS
brew install 1password-cli
# Linux (official package/install docs)
# See references/get-started.md for distro-specific links.
# Windows (winget)
winget install AgileBits.1Password.CLI
- Verify:
op --version
- Choose an auth method above and configure it.
Hermes Execution Pattern (desktop app flow)
Hermes terminal commands are non-interactive by default and can lose auth context between calls. For reliable op use with desktop app integration, run sign-in and secret operations inside a dedicated tmux session.
Note: This is NOT needed when using OP_SERVICE_ACCOUNT_TOKEN — the token persists across terminal calls automatically.
SOCKET_DIR="${TMPDIR:-/tmp}/hermes-tmux-sockets"
mkdir -p "$SOCKET_DIR"
SOCKET="$SOCKET_DIR/hermes-op.sock"
SESSION="op-auth-$(date +%Y%m%d-%H%M%S)"
tmux -S "$SOCKET" new -d -s "$SESSION" -n shell
# Sign in (approve in desktop app when prompted)
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "eval \"\$(op signin --account my.1password.com)\"" Enter
# Verify auth
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op whoami" Enter
# Example read
tmux -S "$SOCKET" send-keys -t "$SESSION":0.0 -- "op read 'op://Private/Npmjs/one-time password?attribute=otp'" Enter
# Capture output when needed
tmux -S "$SOCKET" capture-pane -p -J -t "$SESSION":0.0 -S -200
# Cleanup
tmux -S "$SOCKET" kill-session -t "$SESSION"
Common Operations
Read a secret
op read "op://app-prod/db/password"
Get OTP
op read "op://app-prod/npm/one-time password?attribute=otp"
Inject into template
echo "db_password: {{ op://app-prod/db/password }}" | op inject
Run a command with secret env var
export DB_PASSWORD="op://app-prod/db/password"
op run -- sh -c '[ -n "$DB_PASSWORD" ] && echo "DB_PASSWORD is set" || echo "DB_PASSWORD missing"'
Guardrails
- Never print raw secrets back to user unless they explicitly request the value.
- Prefer op run / op inject instead of writing secrets into files.
- If command fails with "account is not signed in", run op signin again in the same tmux session.
- If desktop app integration is unavailable (headless/CI), use service account token flow.
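One way to enforce the "prefer op run / op inject" guardrail before launching a command, as an added example that is not part of the skill or the hermes-agent repo: a POSIX shell lint that reads an env file and reports secret-looking keys whose values are plaintext or malformed op:// references, printing key names only. The function names, the key-name heuristic and the sample input are assumptions made for this example.

```shell
# Added example, not from the hermes-agent repo; all names are hypothetical.
# is_op_ref: succeed if $1 looks like op://vault/item/[section/]field[?query].
is_op_ref() {
  ref=${1%%[?]*}                 # drop an optional ?attribute=... query
  case $ref in op://*) ;; *) return 1 ;; esac
  path=${ref#op://}
  case $path in
    /*|*/|*//*) return 1 ;;      # an empty vault, item or field segment
    */*/*/*/*)  return 1 ;;      # more than vault/item/section/field
    */*/*)      return 0 ;;      # three or four segments
    *)          return 1 ;;      # vault or vault/item only
  esac
}

# lint_env_refs: read KEY=VALUE lines on stdin, print the offending key names
# (never the values) and return 1 if any were found.
lint_env_refs() {
  bad=0
  while IFS= read -r line || [ -n "$line" ]; do
    case $line in ''|'#'*) continue ;; *=*) ;; *) continue ;; esac
    key=${line%%=*}; key=${key#export }
    val=${line#*=}
    case $val in                 # strip one pair of surrounding quotes
      \"*\") val=${val#\"}; val=${val%\"} ;;
      \'*\') val=${val#\'}; val=${val%\'} ;;
    esac
    case $val in
      op://*) is_op_ref "$val" || { echo "$key: malformed reference"; bad=1; } ;;
      *) case $key in
           OP_SERVICE_ACCOUNT_TOKEN|OP_CONNECT_TOKEN) ;;  # CLI's own credentials
           *PASSWORD*|*SECRET*|*TOKEN*|*KEY*) echo "$key: plaintext value"; bad=1 ;;
         esac ;;
    esac
  done
  return "$bad"
}

# Constructed sample input for the demonstration run below.
sample_env() {
  cat <<'EOF'
DB_PASSWORD=op://app-prod/db/password
NPM_OTP="op://app-prod/npm/one-time password?attribute=otp"
API_KEY=not-a-real-key-123
SMTP_PASSWORD=op://app-prod/smtp
OP_CONNECT_TOKEN=your-connect-token
LOG_LEVEL=debug
EOF
}
sample_env | lint_env_refs || true
```

Typical use is `lint_env_refs < prod.env && op run --env-file=prod.env -- ./app`, where `prod.env` and `./app` are placeholder names.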
CI / Headless note
For non-interactive use, authenticate with OP_SERVICE_ACCOUNT_TOKEN and avoid interactive op signin.
Service accounts require CLI v2.18.0+.
References
- references/get-started.md
- references/cli-examples.md
- https://developer.1password.com/docs/cli/
- https://developer.1password.com/docs/service-accounts/