How should Bitwarden / Vaultwarden be evaluated before use?

Use the required flow: snapshot, contract, and trust before recommending or executing this skill.

What kind of evidence is visible on this page?

This page surfaces public facts, change history, trust indicators, artifact evidence, and benchmark summaries with provenance.

Crawler Summary

Bitwarden / Vaultwarden answer-first brief

Bitwarden & Vaultwarden password manager integration. Use when storing, retrieving, generating, or managing passwords and credentials. Wraps the Bitwarden CLI (bw) with automatic session management. Works with both official Bitwarden and self-hosted Vaultwarden servers. --- name: Bitwarden / Vaultwarden description: Bitwarden & Vaultwarden password manager integration. Use when storing, retrieving, generating, or managing passwords and credentials. Wraps the Bitwarden CLI (bw) with automatic session management. Works with both official Bitwarden and self-hosted Vaultwarden servers. homepage: https://github.com/TWhidden/openclaw-skill-bitwarden metadata: clawdbot: emoji: "🔐" require Capability contract not published. No trust telemetry is available yet. Last updated 3/1/2026.

Freshness

Last checked 3/1/2026

Best For

Bitwarden / Vaultwarden is best for be workflows where OpenClaw compatibility matters.

Not Ideal For

Contract metadata is missing or unavailable for deterministic execution.

Evidence Sources Checked

editorial-content, GITHUB OPENCLEW, runtime-metrics, public facts pack

Card Facts Snapshot Contract Trust

Claim this agent

Agent DossierGitHubSafety: 89/100

Bitwarden / Vaultwarden

OpenClawself-declared

Public facts

Change events

Artifacts

Freshness

Mar 1, 2026

Verifiededitorial-contentNo verified compatibility signals

Capability contract not published. No trust telemetry is available yet. Last updated 3/1/2026.

Trust evidence available

Trust score

Unknown

Compatibility

OpenClaw

Freshness

Mar 1, 2026

Vendor

Twhidden

Artifacts

Benchmarks

Last release

Unpublished

Executive Summary

Key links, install path, and a quick operational read before the deeper crawl record.

Verifiededitorial-content

Summary

Capability contract not published. No trust telemetry is available yet. Last updated 3/1/2026.

View Source

Setup snapshot

git clone https://github.com/TWhidden/openclaw-skill-bitwarden.git

1
Setup complexity is LOW. This package is likely designed for quick installation with minimal external side-effects.
2
Final validation: Expose the agent to a mock request payload inside a sandbox and trace the network egress before allowing access to real customer data.

Evidence Ledger

Everything public we have scraped or crawled about this agent, grouped by evidence type with provenance.

Verifiededitorial-content

Vendor (1)

Vendor

Twhidden

profilemedium

Observed Mar 1, 2026Source link Provenance

Compatibility (1)

Protocol compatibility

OpenClaw

contractmedium

Observed Mar 1, 2026Source link Provenance

Security (1)

Handshake status

UNKNOWN

trustmedium

Observed unknownSource link Provenance

Integration (1)

Crawlable docs

6 indexed pages on the official domain

search_documentmedium

Observed Apr 15, 2026Source link Provenance

Release & Crawl Timeline

Merged public release, docs, artifact, benchmark, pricing, and trust refresh events.

Self-declaredagent-index

Docs Update

Docs refreshed: Sign in to GitHub · GitHub

search_documentmedium

Fresh crawlable documentation was indexed for the official domain.

Observed Apr 15, 2026

Artifacts Archive

Extracted files, examples, snippets, parameters, dependencies, permissions, and artifact metadata.

Self-declaredGITHUB OPENCLEW

Extracted files

Examples

Snippets

Languages

typescript

Parameters

Executable Examples

bash

# Environment variables (preferred)
export BW_SERVER="https://vault.bitwarden.com"  # Official Bitwarden
# OR
export BW_SERVER="https://your-vaultwarden-instance.example.com"  # Vaultwarden
export BW_EMAIL="your-email@example.com"
export BW_MASTER_PASSWORD="your-master-password"

# Or use a credentials file (default: secrets/bitwarden.env)
export CREDS_FILE="/path/to/your/bitwarden.env"

text

BW_SERVER=https://vault.bitwarden.com
BW_EMAIL=your-email@example.com
BW_MASTER_PASSWORD=your-master-password

bash

bash skills/bitwarden/bw.sh <command> [args...]

bash

# Generate + store
PASS=$(bash skills/bitwarden/bw.sh generate 32)
bash skills/bitwarden/bw.sh create "New Service" "user@email.com" "$PASS" "https://service.com"

bash

# Register using configured credentials (from env/credentials file)
bash skills/bitwarden/bw.sh register

# Register with explicit credentials
bash skills/bitwarden/bw.sh register "user@example.com" "SecurePass123!" "Display Name"

Docs & README

Full documentation captured from public sources, including the complete README when available.

Self-declaredGITHUB OPENCLEW

Docs source

GITHUB OPENCLEW

Editorial quality

ready

Full README

name: Bitwarden / Vaultwarden description: Bitwarden & Vaultwarden password manager integration. Use when storing, retrieving, generating, or managing passwords and credentials. Wraps the Bitwarden CLI (bw) with automatic session management. Works with both official Bitwarden and self-hosted Vaultwarden servers. homepage: https://github.com/TWhidden/openclaw-skill-bitwarden metadata: clawdbot: emoji: "🔐" requires: env: ["BW_SERVER", "BW_EMAIL", "BW_MASTER_PASSWORD"] primaryEnv: "BW_SERVER" bins: ["bw", "openssl", "curl"] files: ["bw.sh"]

Bitwarden & Vaultwarden

Bitwarden/Vaultwarden CLI (bw) wrapper with automatic login, session caching, and convenient commands. Works seamlessly with both official Bitwarden (vault.bitwarden.com) and self-hosted Vaultwarden instances.

Requirements

Bitwarden CLI (bw) installed: npm install -g @bitwarden/cli
A Bitwarden or Vaultwarden server instance
Credentials configured (see Configuration below)

Configuration

Set credentials via environment variables or a credentials file:

# Environment variables (preferred)
export BW_SERVER="https://vault.bitwarden.com"  # Official Bitwarden
# OR
export BW_SERVER="https://your-vaultwarden-instance.example.com"  # Vaultwarden
export BW_EMAIL="your-email@example.com"
export BW_MASTER_PASSWORD="your-master-password"

# Or use a credentials file (default: secrets/bitwarden.env)
export CREDS_FILE="/path/to/your/bitwarden.env"

The credentials file should contain:

BW_SERVER=https://vault.bitwarden.com
BW_EMAIL=your-email@example.com
BW_MASTER_PASSWORD=your-master-password

Invocation

bash skills/bitwarden/bw.sh <command> [args...]

Commands

| Command | Description | Example | |---------|-------------|---------| | register [email] [pass] [name] | Register new account | bw.sh register user@example.com pass123 "My Name" | | login | Login & unlock vault | bw.sh login | | status | Show vault status | bw.sh status | | list [search] | List/search items | bw.sh list github | | get <name\|id> | Get full item JSON | bw.sh get "GitHub" | | get-password <name\|id> | Get password only | bw.sh get-password "GitHub" | | get-username <name\|id> | Get username only | bw.sh get-username "GitHub" | | create <name> <user> <pass> [uri] [notes] | Create login | bw.sh create "GitHub" user pass https://github.com | | generate [length] | Generate password | bw.sh generate 32 | | delete <id> | Delete item | bw.sh delete <uuid> | | lock | Lock vault | bw.sh lock |

Workflow

First call per session: bw.sh login (auto-authenticates from configured credentials)
Session token cached at /tmp/.bw_session
All subsequent commands auto-use the cached session
After reboot/restart: run login again

Storing New Credentials

# Generate + store
PASS=$(bash skills/bitwarden/bw.sh generate 32)
bash skills/bitwarden/bw.sh create "New Service" "user@email.com" "$PASS" "https://service.com"

Account Registration

# Register using configured credentials (from env/credentials file)
bash skills/bitwarden/bw.sh register

# Register with explicit credentials
bash skills/bitwarden/bw.sh register "user@example.com" "SecurePass123!" "Display Name"

How it works:

Derives a master key using PBKDF2-SHA256 (600,000 iterations) with the email as salt
Creates a master password hash for server authentication
Generates a 64-byte symmetric key, encrypted with AES-256-CBC + HMAC-SHA256
Submits registration to the server's /api/accounts/register endpoint

Requirements: OpenSSL 3.x+ (for PBKDF2 and HKDF support), curl, xxd.

Note: The master password must be at least 12 characters. Works with both official Bitwarden and Vaultwarden servers.

Guardrails

Never paste secrets into logs, chat, or code.
Keep bitwarden.env out of version control.
Use chmod 600 on credential files.
Session tokens are stored in /tmp and cleared on lock/logout.

External Endpoints

| Endpoint | Purpose | Data Sent | |----------|---------|-----------| | User-configured BW_SERVER | Bitwarden/Vaultwarden API | Encrypted vault data, authentication credentials |

Note: The skill communicates with the Bitwarden server you configure via BW_SERVER. For official Bitwarden, this is https://vault.bitwarden.com. For Vaultwarden, this is your self-hosted instance URL.

Security & Privacy

What leaves your machine:

Authentication requests (email, master password) to your configured Bitwarden server
Encrypted vault data (create/read/update/delete operations)
All communication uses HTTPS/TLS

What stays local:

Session tokens (cached in /tmp/.bw_session)
Credential files (if using bitwarden.env)
Decrypted passwords (only in memory, never written to disk)

Trust statement: By using this skill, you are sending authentication credentials and vault data to the Bitwarden server you configure. Only install this skill if you trust your Bitwarden/Vaultwarden instance.

Model Invocation

This skill can be invoked autonomously by your OpenClaw agent when it needs to:

Store credentials securely
Retrieve passwords for automation tasks
Generate secure passwords

If you prefer manual approval before password operations, configure your OpenClaw agent's tool policy accordingly.

Security Best Practices

Credentials file: Use chmod 600 on secrets/bitwarden.env
Environment isolation: Don't share credential files across systems
Session tokens: Automatically expire; run bw.sh lock when done
Git: The .gitignore excludes all secrets (secrets/, *.env, .bw_session)
Master password: Never hardcode or log your master password

Contract & API

Machine endpoints, protocol fit, contract coverage, invocation examples, and guardrails for agent-to-agent use.

MissingGITHUB OPENCLEW

Endpoints

Dossier API Snapshot API Contract API Trust API

Contract coverage

Status

missing

Auth

None

Streaming

Data region

Unspecified

Protocol support

OpenClaw: self-declared

Requires: none

Forbidden: none

Guardrails

Operational confidence: low

No positive guardrails captured.

Invocation examples

curl -s "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/snapshot"

curl -s "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/contract"

curl -s "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/trust"

Reliability & Benchmarks

Trust and runtime signals, benchmark suites, failure patterns, and practical risk constraints.

Missingruntime-metrics

Trust signals

Handshake

UNKNOWN

Confidence

unknown

Attempts 30d

unknown

Fallback rate

unknown

Runtime metrics

Observed P50

unknown

Observed P95

unknown

Rate limit

unknown

Estimated cost

unknown

Do not use if

Contract metadata is missing or unavailable for deterministic execution.

No benchmark suites or observed failure patterns are available.

Media & Demo

Every public screenshot, visual asset, demo link, and owner-provided destination tied to this agent.

Missingno-media

No screenshots, media assets, or demo links are available.

Related Agents

Neighboring agents from the same protocol and source ecosystem for comparison and shortlist building.

Self-declaredprotocol-neighbors

GITHUB_REPOSactivepieces

Rank

AI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents

Traction

No public download signal

Freshness

Updated 2d ago

OPENCLAW

GITHUB_REPOScherry-studio

Rank

AI productivity studio with smart chat, autonomous agents, and 300+ assistants. Unified access to frontier LLMs

Traction

No public download signal

Freshness

Updated 5d ago

MCPOPENCLAW

GITHUB_REPOSAionUi

Rank

Free, local, open-source 24/7 Cowork app and OpenClaw for Gemini CLI, Claude Code, Codex, OpenCode, Qwen Code, Goose CLI, Auggie, and more | 🌟 Star if you like it!

Traction

No public download signal

Freshness

Updated 6d ago

MCPOPENCLAW

GITHUB_REPOSCopilotKit

Rank

The Frontend for Agents & Generative UI. React + Angular

Traction

No public download signal

Freshness

Updated 23d ago

OPENCLAW

Machine Appendix

Contract JSON

{
  "contractStatus": "missing",
  "authModes": [],
  "requires": [],
  "forbidden": [],
  "supportsMcp": false,
  "supportsA2a": false,
  "supportsStreaming": false,
  "inputSchemaRef": null,
  "outputSchemaRef": null,
  "dataRegion": null,
  "contractUpdatedAt": null,
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Invocation Guide

{
  "preferredApi": {
    "snapshotUrl": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/snapshot",
    "contractUrl": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/contract",
    "trustUrl": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/trust"
  },
  "curlExamples": [
    "curl -s \"https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/snapshot\"",
    "curl -s \"https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/contract\"",
    "curl -s \"https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/trust\""
  ],
  "jsonRequestTemplate": {
    "query": "summarize this repo",
    "constraints": {
      "maxLatencyMs": 2000,
      "protocolPreference": [
        "OPENCLEW"
      ]
    }
  },
  "jsonResponseTemplate": {
    "ok": true,
    "result": {
      "summary": "...",
      "confidence": 0.9
    },
    "meta": {
      "source": "GITHUB_OPENCLEW",
      "generatedAt": "2026-04-16T23:39:45.790Z"
    }
  },
  "retryPolicy": {
    "maxAttempts": 3,
    "backoffMs": [
      500,
      1500,
      3500
    ],
    "retryableConditions": [
      "HTTP_429",
      "HTTP_503",
      "NETWORK_TIMEOUT"
    ]
  }
}

Trust JSON

{
  "status": "unavailable",
  "handshakeStatus": "UNKNOWN",
  "verificationFreshnessHours": null,
  "reputationScore": null,
  "p95LatencyMs": null,
  "successRate30d": null,
  "fallbackRate": null,
  "attempts30d": null,
  "trustUpdatedAt": null,
  "trustConfidence": "unknown",
  "sourceUpdatedAt": null,
  "freshnessSeconds": null
}

Capability Matrix

{
  "rows": [
    {
      "key": "OPENCLEW",
      "type": "protocol",
      "support": "unknown",
      "confidenceSource": "profile",
      "notes": "Listed on profile"
    },
    {
      "key": "be",
      "type": "capability",
      "support": "supported",
      "confidenceSource": "profile",
      "notes": "Declared in agent profile metadata"
    }
  ],
  "flattenedTokens": "protocol:OPENCLEW|unknown|profile capability:be|supported|profile"
}

Facts JSON

[
  {
    "factKey": "docs_crawl",
    "category": "integration",
    "label": "Crawlable docs",
    "value": "6 indexed pages on the official domain",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  },
  {
    "factKey": "vendor",
    "category": "vendor",
    "label": "Vendor",
    "value": "Twhidden",
    "href": "https://github.com/TWhidden/openclaw-skill-bitwarden",
    "sourceUrl": "https://github.com/TWhidden/openclaw-skill-bitwarden",
    "sourceType": "profile",
    "confidence": "medium",
    "observedAt": "2026-03-01T06:02:58.070Z",
    "isPublic": true
  },
  {
    "factKey": "protocols",
    "category": "compatibility",
    "label": "Protocol compatibility",
    "value": "OpenClaw",
    "href": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/contract",
    "sourceUrl": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/contract",
    "sourceType": "contract",
    "confidence": "medium",
    "observedAt": "2026-03-01T06:02:58.070Z",
    "isPublic": true
  },
  {
    "factKey": "handshake_status",
    "category": "security",
    "label": "Handshake status",
    "value": "UNKNOWN",
    "href": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/trust",
    "sourceUrl": "https://xpersona.co/api/v1/agents/twhidden-openclaw-skill-bitwarden/trust",
    "sourceType": "trust",
    "confidence": "medium",
    "observedAt": null,
    "isPublic": true
  }
]

Change Events JSON

[
  {
    "eventType": "docs_update",
    "title": "Docs refreshed: Sign in to GitHub · GitHub",
    "description": "Fresh crawlable documentation was indexed for the official domain.",
    "href": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceUrl": "https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar",
    "sourceType": "search_document",
    "confidence": "medium",
    "observedAt": "2026-04-15T05:03:46.393Z",
    "isPublic": true
  }
]