# https://github.com/CakeRepository/1Password-MCP 项目说明书
生成时间: 2026-05-22 15:31:42 UTC
## 目录
- [仓库概览](#overview)
- [入口与运行边界](#entrypoints)
- [架构证据地图](#architecture)
- [运维与验证边界](#operations)
## 仓库概览
### 相关页面
相关主题:[入口与运行边界](#entrypoints), [架构证据地图](#architecture), [运维与验证边界](#operations)
相关源码文件
以下源码文件用于生成本页说明:
- [README.md](https://github.com/CakeRepository/1Password-MCP/blob/main/README.md)
- [package.json](https://github.com/CakeRepository/1Password-MCP/blob/main/package.json)
- [src/client.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/client.ts)
- [src/config.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/config.ts)
- [src/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/index.ts)
- [src/logger.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/logger.ts)
- [src/types.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/types.ts)
- [src/utils.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/utils.ts)
- [src/prompts/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/prompts/index.ts)
- [src/resources/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/resources/index.ts)
- [src/tools/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/index.ts)
- [src/tools/item-delete.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/item-delete.ts)
# 仓库概览
本页在 Human Wiki provider 不可用时基于仓库证据生成,只使用 README、文件树和已选源码文件,不把模板描述冒充项目事实。
## README 证据
# 1Password MCP Server
[](https://github.com/CakeRepository/1Password-MCP/actions/workflows/ci.yml)
[](https://www.npmjs.com/package/@takescake/1password-mcp)
[](LICENSE)
A community-built [Model Context Protocol (MCP)](https://modelcontextprotocol.io/) server that connects MCP-compatible AI clients (Claude Desktop, VS Code Copilot, OpenAI Codex, Gemini, etc.) to **1Password** vaults via a [Service Account](https://developer.1password.com/docs/service-accounts/).
> **Not an official 1Password product.** This is a community project.
---
## Features
### Tools (8)
| Tool | Description |
|------|-------------|
| `vault_list` | List all accessible vaults |
| `item_lookup` | Search items by title in a vault |
| `item_delete` | Delete an item from a vault |
| `password_create` | Create a new password/login item |
| `password_read` | Retrieve a password via secret reference (`op://vault/item/field`) or vault/item ID |
| `password_update` | Rotate/update an existing password |
| `password_generate` | Generate a cryptographically secure random password |
| `password_generate_memorable` | Generate a memorable passphrase from ~500 dictionary words |
### Prompts (4)
| Prompt | Description |
|--------|-------------|
| `generate-secure-password` | Guided workflow to generate and store a secure password |
| `credential-rotation` | Step-by-step credential rotation: read, generate, update, verify |
| `vault-audit` | Audit vault contents: list items, categorize, flag concerns |
| `secret-reference-helper` | Construct `op://vault/item/field` references interactively |
### Resources (3)
| Resource URI | Description |
|-------------|-------------|
| `1password://config` | Current server configuration (non-secret) |
| `1password://vaults` | Browsable list of all accessible vaults |
| `1password://vaults/{vaultId}/items` | Browsable list of items in a vault |
---
## Quick Start
### Prerequisites
- **Node.js** >= 18
- A [1Password Service Account token](https://developer.1password.com/docs/service-accounts/)
### Claude Desktop / VS Code / IDEs (JSON)
```json
{
"mcpServers": {
"1password": {
"command": "npx",
"args": ["-y", "@takescake/1p
[excerpt truncated]
## 已选源码清单
- `README.md`
- `package.json`
- `src/client.ts`
- `src/config.ts`
- `src/index.ts`
- `src/logger.ts`
- `src/types.ts`
- `src/utils.ts`
- `src/prompts/index.ts`
- `src/resources/index.ts`
- `src/tools/index.ts`
- `src/tools/item-delete.ts`
| 文件 | 证据角色 | 大小 |
|---|---|---|
| `README.md` | README/产品与使用证据 | 6558 bytes |
| `package.json` | 包与运行时元数据 | 1590 bytes |
| `src/client.ts` | 实现边界 | 1359 bytes |
| `src/config.ts` | 实现边界 | 4081 bytes |
| `src/index.ts` | 实现边界 | 2257 bytes |
| `src/logger.ts` | 实现边界 | 1194 bytes |
| `src/types.ts` | 实现边界 | 1012 bytes |
| `src/utils.ts` | 实现边界 | 7361 bytes |
| `src/prompts/index.ts` | 实现边界 | 8034 bytes |
| `src/resources/index.ts` | 实现边界 | 5235 bytes |
| `src/tools/index.ts` | 实现边界 | 1025 bytes |
| `src/tools/item-delete.ts` | 实现边界 | 1273 bytes |
资料来源:`[README.md:1-120]()`
---
## 入口与运行边界
### 相关页面
相关主题:[仓库概览](#overview), [架构证据地图](#architecture), [运维与验证边界](#operations)
相关源码文件
以下源码文件用于生成本页说明:
- [README.md](https://github.com/CakeRepository/1Password-MCP/blob/main/README.md)
- [package.json](https://github.com/CakeRepository/1Password-MCP/blob/main/package.json)
- [src/client.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/client.ts)
- [src/config.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/config.ts)
- [src/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/index.ts)
- [src/logger.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/logger.ts)
- [src/types.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/types.ts)
- [src/utils.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/utils.ts)
- [src/prompts/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/prompts/index.ts)
- [src/resources/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/resources/index.ts)
- [src/tools/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/index.ts)
- [src/tools/item-delete.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/item-delete.ts)
# 入口与运行边界
下面文件是安装、启动、配置或宿主集成的高信号候选。这里给出证据地图,不推断未经执行验证的 API 契约。
| 文件 | 证据角色 | 大小 |
|---|---|---|
| `README.md` | README/产品与使用证据 | 6558 bytes |
| `package.json` | 包与运行时元数据 | 1590 bytes |
| `src/client.ts` | 实现边界 | 1359 bytes |
| `src/config.ts` | 实现边界 | 4081 bytes |
| `src/index.ts` | 实现边界 | 2257 bytes |
| `src/logger.ts` | 实现边界 | 1194 bytes |
| `src/types.ts` | 实现边界 | 1012 bytes |
| `src/utils.ts` | 实现边界 | 7361 bytes |
| `src/prompts/index.ts` | 实现边界 | 8034 bytes |
| `src/resources/index.ts` | 实现边界 | 5235 bytes |
| `src/tools/index.ts` | 实现边界 | 1025 bytes |
| `src/tools/item-delete.ts` | 实现边界 | 1273 bytes |
资料来源:`[README.md:1-120](https://github.com/CakeRepository/1Password-MCP/blob/main/README.md)`
---
## 架构证据地图
### 相关页面
相关主题:[仓库概览](#overview), [入口与运行边界](#entrypoints), [运维与验证边界](#operations)
相关源码文件
以下源码文件用于生成本页说明:
- [README.md](https://github.com/CakeRepository/1Password-MCP/blob/main/README.md)
- [package.json](https://github.com/CakeRepository/1Password-MCP/blob/main/package.json)
- [src/client.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/client.ts)
- [src/config.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/config.ts)
- [src/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/index.ts)
- [src/logger.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/logger.ts)
- [src/types.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/types.ts)
- [src/utils.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/utils.ts)
- [src/prompts/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/prompts/index.ts)
- [src/resources/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/resources/index.ts)
- [src/tools/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/index.ts)
- [src/tools/item-delete.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/item-delete.ts)
# 架构证据地图
本节只根据仓库路径组织可能的架构区域;需要运行验证的行为不会在这里断言。
- `.`: `README.md`, `package.json`
- `src`: `src/client.ts`, `src/config.ts`, `src/index.ts`, `src/logger.ts`, `src/types.ts`, `src/utils.ts`
资料来源:`[package.json:1-120](https://github.com/CakeRepository/1Password-MCP/blob/main/package.json)`
---
## 运维与验证边界
### 相关页面
相关主题:[仓库概览](#overview), [入口与运行边界](#entrypoints), [架构证据地图](#architecture)
相关源码文件
以下源码文件用于生成本页说明:
- [README.md](https://github.com/CakeRepository/1Password-MCP/blob/main/README.md)
- [package.json](https://github.com/CakeRepository/1Password-MCP/blob/main/package.json)
- [src/client.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/client.ts)
- [src/config.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/config.ts)
- [src/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/index.ts)
- [src/logger.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/logger.ts)
- [src/types.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/types.ts)
- [src/utils.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/utils.ts)
- [src/prompts/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/prompts/index.ts)
- [src/resources/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/resources/index.ts)
- [src/tools/index.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/index.ts)
- [src/tools/item-delete.ts](https://github.com/CakeRepository/1Password-MCP/blob/main/src/tools/item-delete.ts)
# 运维与验证边界
运维建议仅来自仓库中真实存在的文件。把该项目用于 agent 工作流前,仍需在 sandbox 中验证安装、quickstart 和运行行为。
- Documentation signal: `README.md`
- Runtime/package signal: `package.json`
- Source inspection signal: `src/client.ts`
- Source inspection signal: `src/config.ts`
- Source inspection signal: `src/index.ts`
- Source inspection signal: `src/logger.ts`
- Source inspection signal: `src/types.ts`
- Source inspection signal: `src/utils.ts`
- Source inspection signal: `src/prompts/index.ts`
- Source inspection signal: `src/resources/index.ts`
资料来源:`[src/client.ts:1-120](https://github.com/CakeRepository/1Password-MCP/blob/main/src/client.ts)`
---
## 社区证据
### Stored Community Evidence
- Feature Request: Support macOS Keychain as alternative to plaintext token in config | https://github.com/CakeRepository/1Password-MCP/issues/5 | Feature Request: Support macOS Keychain as alternative to plaintext token in config ## Summary The current configuration requires `OP_SERVICE_ACCOUNT_TOKEN` to be stored as a plaintext value in the MCP config file (e.g., `claude_desktop_config.json`). This works well, but it means a sensitive credential lives in a predictable, human-readable location on disk
- Bug: serverInfo version reports 2.0.0 while package is 2.0.3 | https://github.com/CakeRepository/1Password-MCP/issues/2 | Bug: serverInfo version reports 2.0.0 while package is 2.0.3 ## Summary Runtime `initialize` responses currently report `serverInfo.version = "2.0.0"` while the published npm package is `2.0.3`. ## Evidence - `package.json` / npm package version: `2.0.3` - Runtime response version: `2.0.0` - Likely source: `src/config.ts` sets `SERVER_VERSION = "2.0.0"` ## R
- Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7) | https://github.com/CakeRepository/1Password-MCP/issues/1 | Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7) ## Summary Security audit found that the lockfile currently resolves `@modelcontextprotocol/sdk` to `1.25.3`, which is in the affected range for `GHSA-345p-7cg4-v4c7` (fixed in `1.26.0`). ## Evidence - Advisory: GHSA-345p-7cg4-v4c7 - Current lockfile version: `1.25.3` - Fixed versi
- Feature Request: Support macOS Keychain as alternative to plaintext token in config | https://github.com/CakeRepository/1Password-MCP/issues/5 | Feature Request: Support macOS Keychain as alternative to plaintext token in config ## Summary The current configuration requires `OP_SERVICE_ACCOUNT_TOKEN` to be stored as a plaintext value in the MCP config file (e.g., `claude_desktop_config.json`). This works well, but it means a sensitive credential lives in a predictable, human-readable location on disk
- Bug: serverInfo version reports 2.0.0 while package is 2.0.3 | https://github.com/CakeRepository/1Password-MCP/issues/2 | Bug: serverInfo version reports 2.0.0 while package is 2.0.3 ## Summary Runtime `initialize` responses currently report `serverInfo.version = "2.0.0"` while the published npm package is `2.0.3`. ## Evidence - `package.json` / npm package version: `2.0.3` - Runtime response version: `2.0.0` - Likely source: `src/config.ts` sets `SERVER_VERSION = "2.0.0"` ## R
- Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7) | https://github.com/CakeRepository/1Password-MCP/issues/1 | Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7) ## Summary Security audit found that the lockfile currently resolves `@modelcontextprotocol/sdk` to `1.25.3`, which is in the affected range for `GHSA-345p-7cg4-v4c7` (fixed in `1.26.0`). ## Evidence - Advisory: GHSA-345p-7cg4-v4c7 - Current lockfile version: `1.25.3` - Fixed versi
### Top Community Issues (by engagement)
- #5: "Feature Request: Support macOS Keychain as alternative to plaintext token in config" (0 reactions, 0 comments)
## Summary
The current configuration requires `OP_SERVICE_ACCOUNT_TOKEN` to be stored as a plaintext value in the MCP config file (e.g., `claude_desktop_config.json`). This works well, but it means a sensitive credential lives in a predictable, human-readable location on disk. I'd love to see an...
- #1: "Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7)" (0 reactions, 0 comments)
## Summary
Security audit found that the lockfile currently resolves `@modelcontextprotocol/sdk` to `1.25.3`, which is in the affected range for `GHSA-345p-7cg4-v4c7` (fixed in `1.26.0`).
## Evidence
- Advisory: GHSA-345p-7cg4-v4c7
- Current lockfile version: `1.25.3`
- Fixed version:...
### Latest Release: v2.0.3
---
## Doramagic 踩坑日志
项目:cakerepository/1password-mcp
摘要:发现 10 个潜在踩坑项,其中 0 个为 high/blocking;最高优先级:安装坑 - 来源证据:Bug: serverInfo version reports 2.0.0 while package is 2.0.3。
## 1. 安装坑 · 来源证据:Bug: serverInfo version reports 2.0.0 while package is 2.0.3
- 严重度:medium
- 证据强度:source_linked
- 发现:GitHub 社区证据显示该项目存在一个安装相关的待验证问题:Bug: serverInfo version reports 2.0.0 while package is 2.0.3
- 对用户的影响:可能增加新用户试用和生产接入成本。
- 建议检查:来源显示可能已有修复、规避或版本变化,说明书中必须标注适用版本。
- 防护动作:不得脱离来源链接放大为确定性结论;需要标注适用版本和复核状态。
- 证据:community_evidence:github | cevd_c441f769d48f47f1afd84343d4edca96 | https://github.com/CakeRepository/1Password-MCP/issues/2 | 来源讨论提到 npm 相关条件,需在安装/试用前复核。
## 2. 配置坑 · 可能依赖账号登录
- 严重度:medium
- 证据强度:source_linked
- 发现:项目说明出现 login/OAuth/account/sign in 等关键词。
- 对用户的影响:用户无法离线体验,账号权限和授权范围需要提前说明。
- 建议检查:确认登录是否必须、授权范围是什么、失败时如何降级。
- 防护动作:账号授权范围未知时,不能承诺本地离线可用。
- 证据:packet_text.keyword_scan | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | matched login / oauth / account keyword
## 3. 能力坑 · 能力判断依赖假设
- 严重度:medium
- 证据强度:source_linked
- 发现:README/documentation is current enough for a first validation pass.
- 对用户的影响:假设不成立时,用户拿不到承诺的能力。
- 建议检查:将假设转成下游验证清单。
- 防护动作:假设必须转成验证项;没有验证结果前不能写成事实。
- 证据:capability.assumptions | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | README/documentation is current enough for a first validation pass.
## 4. 维护坑 · 维护活跃度未知
- 严重度:medium
- 证据强度:source_linked
- 发现:未记录 last_activity_observed。
- 对用户的影响:新项目、停更项目和活跃项目会被混在一起,推荐信任度下降。
- 建议检查:补 GitHub 最近 commit、release、issue/PR 响应信号。
- 防护动作:维护活跃度未知时,推荐强度不能标为高信任。
- 证据:evidence.maintainer_signals | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | last_activity_observed missing
## 5. 安全/权限坑 · 下游验证发现风险项
- 严重度:medium
- 证据强度:source_linked
- 发现:no_demo
- 对用户的影响:下游已经要求复核,不能在页面中弱化。
- 建议检查:进入安全/权限治理复核队列。
- 防护动作:下游风险存在时必须保持 review/recommendation 降级。
- 证据:downstream_validation.risk_items | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | no_demo; severity=medium
## 6. 安全/权限坑 · 存在评分风险
- 严重度:medium
- 证据强度:source_linked
- 发现:no_demo
- 对用户的影响:风险会影响是否适合普通用户安装。
- 建议检查:把风险写入边界卡,并确认是否需要人工复核。
- 防护动作:评分风险必须进入边界卡,不能只作为内部分数。
- 证据:risks.scoring_risks | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | no_demo; severity=medium
## 7. 安全/权限坑 · 来源证据:Feature Request: Support macOS Keychain as alternative to plaintext token in config
- 严重度:medium
- 证据强度:source_linked
- 发现:GitHub 社区证据显示该项目存在一个安全/权限相关的待验证问题:Feature Request: Support macOS Keychain as alternative to plaintext token in config
- 对用户的影响:可能影响授权、密钥配置或安全边界。
- 建议检查:来源显示可能已有修复、规避或版本变化,说明书中必须标注适用版本。
- 防护动作:不得脱离来源链接放大为确定性结论;需要标注适用版本和复核状态。
- 证据:community_evidence:github | cevd_fb3c79d607e04beb8c638c2b33173c07 | https://github.com/CakeRepository/1Password-MCP/issues/5 | 来源讨论提到 windows 相关条件,需在安装/试用前复核。
## 8. 安全/权限坑 · 来源证据:Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7)
- 严重度:medium
- 证据强度:source_linked
- 发现:GitHub 社区证据显示该项目存在一个安全/权限相关的待验证问题:Security: upgrade @modelcontextprotocol/sdk to >=1.26.0 (GHSA-345p-7cg4-v4c7)
- 对用户的影响:可能增加新用户试用和生产接入成本。
- 建议检查:来源显示可能已有修复、规避或版本变化,说明书中必须标注适用版本。
- 防护动作:不得脱离来源链接放大为确定性结论;需要标注适用版本和复核状态。
- 证据:community_evidence:github | cevd_02e306c61d114d4ab6a734b1bb2f23ef | https://github.com/CakeRepository/1Password-MCP/issues/1 | 来源类型 github_issue 暴露的待验证使用条件。
## 9. 维护坑 · issue/PR 响应质量未知
- 严重度:low
- 证据强度:source_linked
- 发现:issue_or_pr_quality=unknown。
- 对用户的影响:用户无法判断遇到问题后是否有人维护。
- 建议检查:抽样最近 issue/PR,判断是否长期无人处理。
- 防护动作:issue/PR 响应未知时,必须提示维护风险。
- 证据:evidence.maintainer_signals | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | issue_or_pr_quality=unknown
## 10. 维护坑 · 发布节奏不明确
- 严重度:low
- 证据强度:source_linked
- 发现:release_recency=unknown。
- 对用户的影响:安装命令和文档可能落后于代码,用户踩坑概率升高。
- 建议检查:确认最近 release/tag 和 README 安装命令是否一致。
- 防护动作:发布节奏未知或过期时,安装说明必须标注可能漂移。
- 证据:evidence.maintainer_signals | mcp_registry:io.github.CakeRepository/1password:2.0.3 | https://registry.modelcontextprotocol.io/v0.1/servers/io.github.CakeRepository%2F1password/versions/2.0.3 | release_recency=unknown