2.6k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill gopass- _meta.json267 B
- SKILL.md2.8 KB
Overview
This skill integrates with gopass to store, retrieve, list, and manage secrets using a GPG- and Git-backed password store. It supports CRUD operations, secret generation, TOTP codes, recipient management, mounts, and clipboard operations. Use it to automate secure credential handling for personal or team workflows.
How this skill works
The skill issues gopass CLI commands to inspect and modify entries in one or more stores. It can list secrets, show full entries or password-only output, create or edit entries (interactive or scripted), generate strong passwords or passphrases, and retrieve TOTP codes when a totp: URI is present. It also manages mounts, recipients, and performs git sync operations when available.
When to use it
- Save credentials or SSH keys into an encrypted store.
- Retrieve a password or copy it to the clipboard for login automation.
- Generate a secure password or xkcd-style passphrase for new accounts.
- Manage team access by adding or removing GPG recipients.
- Mount or switch between multiple gopass stores and sync them via git.
Best practices
- Ensure gopass and a valid GPG key are installed and the store is initialized before automation.
- Prefer non-interactive commands (echo "pw" | gopass insert -f) for scripts and gopass show -o for machine-readable output.
- Keep metadata on separate lines: first line = password, subsequent lines = key: value (username, url, totp, notes).
- Use gopass generate with explicit length and symbol flags for consistent strength policies.
- Use gopass mounts and recipients to separate personal and team secrets and to control access with GPG keys.
Example use cases
- Automate credential provisioning: generate a 32-char password and insert it into path/to/secret from CI or a deployment script.
- Retrieve a password in a login script using gopass show -o and paste it into a credential store or input field.
- Fetch TOTP codes in an automation task with gopass otp path/to/secret when totp: is stored in the entry.
- Rotate team access: gopass recipients add <gpg-id> to grant a teammate access, then gopass sync to publish changes.
- Maintain multiple stores: mount a work store, sync it, and copy or move entries between stores for separation of duties.
FAQ
You need the gopass binary installed, a GPG key available on the system, and an initialized store (gopass init or gopass setup).
How do I use the skill in non-interactive scripts?
Use non-interactive flags: echo "pw" | gopass insert -f path for inserts and gopass show -o path for password-only output. Use --yes to auto-confirm prompts when needed.