bitwarden-credentialBitwarden凭据管理

Store or retrieve credentials in Bitwarden via CLI. Use when asked to save, store, or add a password/API key/OAuth token/secret/credential to Bitwarden. Triggered by phrases like "save to bitwarden", "store credential", "add api key to bitwarden", "save password", or when given a name/username/password triplet to persist. Requires user to have run `bw unlock` first and provide BW_SESSION env var.

作者: admin | 来源: ClawHub

Bitwarden Credential Skill

Store credentials (passwords, API keys, OAuth tokens, etc.) in Bitwarden via the CLI.

Workflow

Step 1: Ensure Vault is Unlocked

The user must unlock their Bitwarden vault once per session in their terminal:

CODEBLOCK0

After unlocking, the user gets a session key. There are two ways to provide it:

Option A — Export the session (user does in their terminal):

export BW_SESSION="<session-key-from-unlock>"

Then just tell me "unlocked" and I can run commands directly.

Option B — Pass session directly to script:
CODEBLOCK2

Step 2: Store a Credential

Once vault is unlocked, provide me with:

- Name — identifier for this credential (e.g., "GitHub API Key", "MiniMax API")
Username — often the clientid or key name
Password/Secret — the actual secret value
Notes (optional) — extra context (scope, granttype, etc.)

Example user message:

"Save to Bitwarden: name=Grafana, username=admin, password=xyz123, notes=prod server"

Step 3: Execute

Use the bundled script or run directly:

CODEBLOCK3

Notes

- Bitwarden CLI must be installed: INLINECODE0
API key auth: Use bw login --apikey with clientid + clientsecret, but vault still requires master password to unlock
I cannot unlock the vault for you — the master password never leaves your terminal
Session token (BW_SESSION) is session-scoped; it expires when the vault locks again

Bitwarden 凭据技能

通过 CLI 将凭据（密码、API 密钥、OAuth 令牌等）存储在 Bitwarden 中。

工作流程

第 1 步：确保密码库已解锁

用户必须在终端中每会话一次解锁其 Bitwarden 密码库：

bash
bw unlock

解锁后，用户会获得一个会话密钥。提供该密钥有两种方式：

选项 A — 导出会话（用户在终端中操作）：
bash
export BW_SESSION=<会话密钥>

然后只需告诉我已解锁，我就可以直接运行命令。

选项 B — 将会话直接传递给脚本：
bash
BW_SESSION=<会话密钥> ./bitwarden-credential.sh <名称> <用户名> <密码> [备注]

第 2 步：存储凭据

密码库解锁后，请向我提供：

- 名称 — 此凭据的标识符（例如，GitHub API 密钥、MiniMax API）
用户名 — 通常是 clientid 或密钥名称
密码/密钥 — 实际的密钥值
备注 （可选） — 额外上下文（作用域、granttype 等）

用户消息示例：

保存到 Bitwarden：名称=Grafana，用户名=admin，密码=xyz123，备注=生产服务器

第 3 步：执行

使用捆绑脚本或直接运行：

bash

已设置 BW_SESSION

./scripts/bitwarden-credential.sh <名称> <用户名> <密码> [备注]

或直接通过 bw CLI

echo -n {name:...,login:{username:...,password:...},type:1} | bw create item

备注

- 必须安装 Bitwarden CLI：brew install bitwarden-cli
API 密钥认证：使用 bw login --apikey 配合 clientid + clientsecret，但密码库仍需主密码解锁
我无法为您解锁密码库 — 主密码永远不会离开您的终端
会话令牌（BW_SESSION）是会话范围的；当密码库再次锁定时会过期

bitwarden-credentialBitwarden凭据管理