{ "schemaVersion": "1.0", "item": { "slug": "twhidden-bitwarden", "name": "Twhidden Bitwarden", "source": "tencent", "type": "skill", "category": "其他", "sourceUrl": "https://clawhub.ai/TWhidden/twhidden-bitwarden", "canonicalUrl": "https://clawhub.ai/TWhidden/twhidden-bitwarden", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/twhidden-bitwarden", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=twhidden-bitwarden", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "CHANGELOG.md", "README.md", "SKILL.md", "_meta.json", "bw.sh" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/twhidden-bitwarden" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/twhidden-bitwarden", "agentPageUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent", "manifestUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent.json", "briefUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Bitwarden & Vaultwarden", "body": "Bitwarden/Vaultwarden CLI (bw) wrapper with automatic login, session caching, and convenient commands. Works seamlessly with both official Bitwarden (vault.bitwarden.com) and self-hosted Vaultwarden instances." }, { "title": "Requirements", "body": "Bitwarden CLI (bw) installed: npm install -g @bitwarden/cli\nA Bitwarden or Vaultwarden server instance\nCredentials configured (see Configuration below)" }, { "title": "Configuration", "body": "Set credentials via environment variables or a credentials file:\n\n# Environment variables (preferred)\nexport BW_SERVER=\"https://vault.bitwarden.com\" # Official Bitwarden\n# OR\nexport BW_SERVER=\"https://your-vaultwarden-instance.example.com\" # Vaultwarden\nexport BW_EMAIL=\"your-email@example.com\"\nexport BW_MASTER_PASSWORD=\"your-master-password\"\n\n# Or use a credentials file (default: secrets/bitwarden.env)\nexport CREDS_FILE=\"/path/to/your/bitwarden.env\"\n\nThe credentials file should contain:\n\nBW_SERVER=https://vault.bitwarden.com\nBW_EMAIL=your-email@example.com\nBW_MASTER_PASSWORD=your-master-password" }, { "title": "Invocation", "body": "bash skills/bitwarden/bw.sh [args...]" }, { "title": "Commands", "body": "CommandDescriptionExampleregister [email] [pass] [name]Register new accountbw.sh register user@example.com pass123 \"My Name\"loginLogin & unlock vaultbw.sh loginstatusShow vault statusbw.sh statuslist [search]List/search itemsbw.sh list githubget Get full item JSONbw.sh get \"GitHub\"get-password Get password onlybw.sh get-password \"GitHub\"get-username Get username onlybw.sh get-username \"GitHub\"create [uri] [notes]Create loginbw.sh create \"GitHub\" user pass https://github.comgenerate [length]Generate passwordbw.sh generate 32delete Delete itembw.sh delete lockLock vaultbw.sh lock" }, { "title": "Workflow", "body": "First call per session: bw.sh login (auto-authenticates from configured credentials)\nSession token cached at /tmp/.bw_session\nAll subsequent commands auto-use the cached session\nAfter reboot/restart: run login again" }, { "title": "Storing New Credentials", "body": "# Generate + store\nPASS=$(bash skills/bitwarden/bw.sh generate 32)\nbash skills/bitwarden/bw.sh create \"New Service\" \"user@email.com\" \"$PASS\" \"https://service.com\"" }, { "title": "Account Registration", "body": "Register a new account on your Bitwarden/Vaultwarden server directly from the CLI:\n\n# Register using configured credentials (from env/credentials file)\nbash skills/bitwarden/bw.sh register\n\n# Register with explicit credentials\nbash skills/bitwarden/bw.sh register \"user@example.com\" \"SecurePass123!\" \"Display Name\"\n\nHow it works:\n\nDerives a master key using PBKDF2-SHA256 (600,000 iterations) with the email as salt\nCreates a master password hash for server authentication\nGenerates a 64-byte symmetric key, encrypted with AES-256-CBC + HMAC-SHA256\nSubmits registration to the server's /api/accounts/register endpoint\n\nRequirements: OpenSSL 3.x+ (for PBKDF2 and HKDF support), curl, xxd.\n\nNote: The master password must be at least 12 characters. Works with both official Bitwarden and Vaultwarden servers." }, { "title": "Guardrails", "body": "Never paste secrets into logs, chat, or code.\nKeep bitwarden.env out of version control.\nUse chmod 600 on credential files.\nSession tokens are stored in /tmp and cleared on lock/logout." }, { "title": "External Endpoints", "body": "EndpointPurposeData SentUser-configured BW_SERVERBitwarden/Vaultwarden APIEncrypted vault data, authentication credentials\n\nNote: The skill communicates with the Bitwarden server you configure via BW_SERVER. For official Bitwarden, this is https://vault.bitwarden.com. For Vaultwarden, this is your self-hosted instance URL." }, { "title": "Security & Privacy", "body": "What leaves your machine:\n\nAuthentication requests (email, master password) to your configured Bitwarden server\nEncrypted vault data (create/read/update/delete operations)\nAll communication uses HTTPS/TLS\n\nWhat stays local:\n\nSession tokens (cached in /tmp/.bw_session)\nCredential files (if using bitwarden.env)\nDecrypted passwords (only in memory, never written to disk)\n\nTrust statement:\nBy using this skill, you are sending authentication credentials and vault data to the Bitwarden server you configure. Only install this skill if you trust your Bitwarden/Vaultwarden instance." }, { "title": "Model Invocation", "body": "This skill can be invoked autonomously by your OpenClaw agent when it needs to:\n\nStore credentials securely\nRetrieve passwords for automation tasks\nGenerate secure passwords\n\nIf you prefer manual approval before password operations, configure your OpenClaw agent's tool policy accordingly." }, { "title": "Security Best Practices", "body": "Credentials file: Use chmod 600 on secrets/bitwarden.env\nEnvironment isolation: Don't share credential files across systems\nSession tokens: Automatically expire; run bw.sh lock when done\nGit: The .gitignore excludes all secrets (secrets/, *.env, .bw_session)\nMaster password: Never hardcode or log your master password" } ], "body": "Bitwarden & Vaultwarden\n\nBitwarden/Vaultwarden CLI (bw) wrapper with automatic login, session caching, and convenient commands. Works seamlessly with both official Bitwarden (vault.bitwarden.com) and self-hosted Vaultwarden instances.\n\nRequirements\nBitwarden CLI (bw) installed: npm install -g @bitwarden/cli\nA Bitwarden or Vaultwarden server instance\nCredentials configured (see Configuration below)\nConfiguration\n\nSet credentials via environment variables or a credentials file:\n\n# Environment variables (preferred)\nexport BW_SERVER=\"https://vault.bitwarden.com\" # Official Bitwarden\n# OR\nexport BW_SERVER=\"https://your-vaultwarden-instance.example.com\" # Vaultwarden\nexport BW_EMAIL=\"your-email@example.com\"\nexport BW_MASTER_PASSWORD=\"your-master-password\"\n\n# Or use a credentials file (default: secrets/bitwarden.env)\nexport CREDS_FILE=\"/path/to/your/bitwarden.env\"\n\n\nThe credentials file should contain:\n\nBW_SERVER=https://vault.bitwarden.com\nBW_EMAIL=your-email@example.com\nBW_MASTER_PASSWORD=your-master-password\n\nInvocation\nbash skills/bitwarden/bw.sh [args...]\n\nCommands\nCommand\tDescription\tExample\nregister [email] [pass] [name]\tRegister new account\tbw.sh register user@example.com pass123 \"My Name\"\nlogin\tLogin & unlock vault\tbw.sh login\nstatus\tShow vault status\tbw.sh status\nlist [search]\tList/search items\tbw.sh list github\nget \tGet full item JSON\tbw.sh get \"GitHub\"\nget-password \tGet password only\tbw.sh get-password \"GitHub\"\nget-username \tGet username only\tbw.sh get-username \"GitHub\"\ncreate [uri] [notes]\tCreate login\tbw.sh create \"GitHub\" user pass https://github.com\ngenerate [length]\tGenerate password\tbw.sh generate 32\ndelete \tDelete item\tbw.sh delete \nlock\tLock vault\tbw.sh lock\nWorkflow\nFirst call per session: bw.sh login (auto-authenticates from configured credentials)\nSession token cached at /tmp/.bw_session\nAll subsequent commands auto-use the cached session\nAfter reboot/restart: run login again\nStoring New Credentials\n# Generate + store\nPASS=$(bash skills/bitwarden/bw.sh generate 32)\nbash skills/bitwarden/bw.sh create \"New Service\" \"user@email.com\" \"$PASS\" \"https://service.com\"\n\nAccount Registration\n\nRegister a new account on your Bitwarden/Vaultwarden server directly from the CLI:\n\n# Register using configured credentials (from env/credentials file)\nbash skills/bitwarden/bw.sh register\n\n# Register with explicit credentials\nbash skills/bitwarden/bw.sh register \"user@example.com\" \"SecurePass123!\" \"Display Name\"\n\n\nHow it works:\n\nDerives a master key using PBKDF2-SHA256 (600,000 iterations) with the email as salt\nCreates a master password hash for server authentication\nGenerates a 64-byte symmetric key, encrypted with AES-256-CBC + HMAC-SHA256\nSubmits registration to the server's /api/accounts/register endpoint\n\nRequirements: OpenSSL 3.x+ (for PBKDF2 and HKDF support), curl, xxd.\n\nNote: The master password must be at least 12 characters. Works with both official Bitwarden and Vaultwarden servers.\n\nGuardrails\nNever paste secrets into logs, chat, or code.\nKeep bitwarden.env out of version control.\nUse chmod 600 on credential files.\nSession tokens are stored in /tmp and cleared on lock/logout.\nExternal Endpoints\nEndpoint\tPurpose\tData Sent\nUser-configured BW_SERVER\tBitwarden/Vaultwarden API\tEncrypted vault data, authentication credentials\n\nNote: The skill communicates with the Bitwarden server you configure via BW_SERVER. For official Bitwarden, this is https://vault.bitwarden.com. For Vaultwarden, this is your self-hosted instance URL.\n\nSecurity & Privacy\n\nWhat leaves your machine:\n\nAuthentication requests (email, master password) to your configured Bitwarden server\nEncrypted vault data (create/read/update/delete operations)\nAll communication uses HTTPS/TLS\n\nWhat stays local:\n\nSession tokens (cached in /tmp/.bw_session)\nCredential files (if using bitwarden.env)\nDecrypted passwords (only in memory, never written to disk)\n\nTrust statement: By using this skill, you are sending authentication credentials and vault data to the Bitwarden server you configure. Only install this skill if you trust your Bitwarden/Vaultwarden instance.\n\nModel Invocation\n\nThis skill can be invoked autonomously by your OpenClaw agent when it needs to:\n\nStore credentials securely\nRetrieve passwords for automation tasks\nGenerate secure passwords\n\nIf you prefer manual approval before password operations, configure your OpenClaw agent's tool policy accordingly.\n\nSecurity Best Practices\nCredentials file: Use chmod 600 on secrets/bitwarden.env\nEnvironment isolation: Don't share credential files across systems\nSession tokens: Automatically expire; run bw.sh lock when done\nGit: The .gitignore excludes all secrets (secrets/, *.env, .bw_session)\nMaster password: Never hardcode or log your master password" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/TWhidden/twhidden-bitwarden", "publisherUrl": "https://clawhub.ai/TWhidden/twhidden-bitwarden", "owner": "TWhidden", "version": "1.0.5", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/twhidden-bitwarden", "downloadUrl": "https://openagent3.xyz/downloads/twhidden-bitwarden", "agentUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent", "manifestUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent.json", "briefUrl": "https://openagent3.xyz/skills/twhidden-bitwarden/agent.md" } }