Skills pass
install
source · Clone the upstream repo
git clone https://github.com/openclaw/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/bastos/pass" ~/.claude/skills/openclaw-skills-pass && rm -rf "$T"
OpenClaw · Install into ~/.openclaw/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/openclaw/skills "$T" && mkdir -p ~/.openclaw/skills && cp -r "$T/skills/bastos/pass" ~/.openclaw/skills/openclaw-skills-pass && rm -rf "$T"
manifest:
skills/bastos/pass/SKILL.mdsource content
pass — The Standard Unix Password Manager
Each password is a GPG-encrypted file under
~/.password-store/1. Installation
Linux
| Distro | Command |
|---|---|
| Arch / Manjaro | |
| Debian / Ubuntu | |
| Fedora / RHEL | |
| openSUSE | |
macOS
brew install pass
2. GPG Key Setup
pass requires a GPG key. Skip this block if you already have one.
# Generate a new key (use RSA 4096 or ed25519) gpg --full-generate-key # List your keys — note the key ID or email gpg --list-secret-keys --keyid-format LONG
The key ID looks like
3AA5C34371567BD23. Initialise the Store
pass init "your@email.com" # or using the key ID: pass init 3AA5C34371567BD2
This creates
~/.password-store/.gpg-idMultiple GPG IDs are supported (for team use):
pass init alice@example.com bob@example.com
Use
-ppass init -p work/ work@company.com
Running
pass init4. Data Organisation Convention
Store each entry as a multiline file with this structure:
<password> url: https://example.com username: you@example.com notes: anything extra
- First line is always the password.
and clipboard tools only copy line 1.pass -c - Use lowercase keys (
,url:
,username:
) for compatibility with browser extensions andnotes:
.pass-import - Organise with folders that mirror context, not the URL structure:
~/.password-store/ ├── email/ │ ├── gmail │ └── fastmail ├── dev/ │ ├── github │ └── npm └── finance/ ├── bank-hsbc └── revolut
5. Daily Usage
List the store
pass # full tree pass email/ # subtree pass ls email/ # explicit alias
Find entries by name
pass find github # lists all entries whose path matches "github"
Read a password
pass email/gmail # print all lines to stdout pass -c email/gmail # copy line 1 to clipboard (clears after 45s) pass -c2 email/gmail # copy line 2 (e.g. the username) to clipboard
Search inside decrypted content
pass grep username # grep across all decrypted entries pass grep -i "amazon" # case-insensitive; accepts any grep option
Insert an existing password
pass insert email/gmail # prompted twice for confirmation pass insert -e email/gmail # echo password as you type (single prompt) pass insert -m email/gmail # multiline (recommended, ends with Ctrl-D) pass insert -f email/gmail # overwrite without prompt
Generate a new password
pass generate email/gmail # 25-char password (default length) pass generate email/gmail 20 # custom length pass generate -n email/gmail 20 # no symbols pass generate -c email/gmail 20 # copy to clipboard instead of printing pass generate -i email/gmail 20 # replace only line 1, keep rest of file pass generate -f email/gmail 20 # overwrite without prompt
Edit an entry
pass edit email/gmail # opens $EDITOR; creates entry if it doesn't exist
Remove an entry
pass rm email/gmail pass rm -r email/ # remove a folder recursively pass rm -f email/gmail # no confirmation prompt
Move / copy
pass mv email/gmail email/gmail-old pass mv -f email/gmail email/gmail-old # overwrite without prompt pass cp email/gmail backup/gmail pass cp -f email/gmail backup/gmail # overwrite without prompt
6. Git Sync
Initialise git inside the store:
pass git init pass git remote add origin git@github.com:you/pass-store.git
Every
pass insertgenerateeditrmpass git push pass git pull
To clone the store on another machine:
# Import your GPG key first: gpg --import private-key.asc gpg --edit-key your@email.com # then: trust → 5 → quit # Clone the store: git clone git@github.com:you/pass-store.git ~/.password-store
7. Extensions
pass-otp (TOTP / 2FA codes)
# Install pacman -S pass-otp # Arch brew install pass-otp # macOS # Add a TOTP secret (use the otpauth:// URI from your provider) pass otp insert totp/github # paste: otpauth://totp/GitHub:you@example.com?secret=BASE32SECRET&issuer=GitHub # Generate a code pass otp totp/github # Copy to clipboard pass otp -c totp/github
pass-import (migrate from another manager)
pip install pass-import # or: pacman -S pass-import # Import from Bitwarden (JSON export) pass import bitwarden bitwarden-export.json # Import from 1Password (1PUX export) pass import 1password export.1pux # List all supported formats pass import --list
pass-update
# Install git clone https://github.com/roddhjav/pass-update ~/.password-store/.extensions/update.bash # Update a password interactively pass update email/gmail
8. Shell Completion
# bash — add to ~/.bashrc source /usr/share/bash-completion/completions/pass # zsh — add to ~/.zshrc autoload -U compinit && compinit # fish — works out of the box after install
9. Useful Environment Variables
| Variable | Purpose |
|---|---|
| Override default |
| Default GPG key ID |
| Override git directory |
| Seconds before clipboard clears (default 45) |
| Set to |
| Editor used by |
10. Troubleshooting
Your GPG key is not available. Import it with gpg: decryption failed: No secret key
gpg --import
keeps asking for passphrase
Add to gpg-agent
~/.gnupg/gpg-agent.confdefault-cache-ttl 3600 max-cache-ttl 14400
Then restart:
gpgconf --kill gpg-agentClipboard does not clear on Wayland Install
wl-clipboardPASSWORD_STORE_CLIP_TOOL=wl-copy-cwl-clipboardpass git shows dirty tree after clone Run
pass git status.gpg-idpass git add .pass git commit -m "add gpg-id"