What are the prerequisites for using this skill?

You need the 1Password CLI (op) installed and configured, along with direnv installed and hooked into your shell.

Why use op-run instead of multiple op-read calls?

Using op-run performs a single CLI invocation to load all secrets at once, reducing environment load times from approximately 5 seconds down to 1 second.

Does this skill work with any shell?

It is designed for any shell that supports direnv, such as Zsh, Bash, or Fish, by utilizing the standard direnv hook system.

How does this improve security compared to a standard .env file?

Unlike .env files which store secrets in plain text on your disk, this approach resolves secrets on-demand into memory, clearing them automatically when you exit the directory.

Is it safe to commit .env.op files to version control?

Yes, .env.op files are safe to commit because they only contain 'op://' URI pointers to your 1Password vault, not the actual secret values.

1Password + direnv Secrets Management

Name: 1Password + direnv Secrets Management
Author: clearfunction

byclearfunction

0•

Security & Testing

Optimizes secret loading by integrating the 1Password CLI with direnv using high-performance patterns.

This skill streamlines the management of environment variables by securely connecting 1Password to your local development environment via direnv. It implements the 'op-run' pattern to significantly reduce secret resolution time from several seconds to under one second. By utilizing .env.op files with secure 'op://' references, it allows developers to commit configuration pointers to version control while keeping sensitive credentials strictly in-memory and protected from accidental leakage.

Key Features

01Configures secure .env.op files containing non-sensitive op:// references

02Ensures secrets remain in-memory and are never written to disk in plain text

030 GitHub stars

04Implements the high-speed op-run pattern for sub-second secret loading

05Automates 1Password CLI integration with shell-specific direnv hooks

06Provides global helper functions for standardized secret management across projects

Use Cases

01Migrating from slow, multiple 'op read' calls to a single, efficient 'op run' execution

02Automating AWS, Database, or API key injection during directory entry in the terminal

03Standardizing secure secret management for team-based projects without committing .env files

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add clearfunction/cf-devtools 1password-direnv-secrets

For use in Claude.ai and ChatGPT

Download Skill