pass
Complete guide for using pass, the standard Unix password manager. Use this skill whenever the user asks about pass, password-store, managing passwords from the terminal, GPG-encrypted passwords, setting up pass for the first time, inserting or generating passwords, syncing a password store with git, using pass-otp for TOTP codes, importing passwords from another manager, or any task involving the `pass` CLI. Trigger on phrases like "set up pass", "add a password to pass", "sync my password store", "generate a password", "pass git", "pass-otp", "pass-import", or any variation.
Best use case
pass is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Complete guide for using pass, the standard Unix password manager. Use this skill whenever the user asks about pass, password-store, managing passwords from the terminal, GPG-encrypted passwords, setting up pass for the first time, inserting or generating passwords, syncing a password store with git, using pass-otp for TOTP codes, importing passwords from another manager, or any task involving the `pass` CLI. Trigger on phrases like "set up pass", "add a password to pass", "sync my password store", "generate a password", "pass git", "pass-otp", "pass-import", or any variation.
Teams using pass should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/pass/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How pass Compares
| Feature / Agent | pass | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Complete guide for using pass, the standard Unix password manager. Use this skill whenever the user asks about pass, password-store, managing passwords from the terminal, GPG-encrypted passwords, setting up pass for the first time, inserting or generating passwords, syncing a password store with git, using pass-otp for TOTP codes, importing passwords from another manager, or any task involving the `pass` CLI. Trigger on phrases like "set up pass", "add a password to pass", "sync my password store", "generate a password", "pass git", "pass-otp", "pass-import", or any variation.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# pass — The Standard Unix Password Manager
Each password is a GPG-encrypted file under `~/.password-store/`. The store is
plain files in a folder hierarchy; no proprietary formats, no daemon.
---
## 1. Installation
### Linux
| Distro | Command |
|------------------|--------------------------------|
| Arch / Manjaro | `pacman -S pass` |
| Debian / Ubuntu | `apt install pass` |
| Fedora / RHEL | `dnf install pass` |
| openSUSE | `zypper in password-store` |
### macOS
```bash
brew install pass
```
---
## 2. GPG Key Setup
pass requires a GPG key. Skip this block if you already have one.
```bash
# Generate a new key (use RSA 4096 or ed25519)
gpg --full-generate-key
# List your keys — note the key ID or email
gpg --list-secret-keys --keyid-format LONG
```
The key ID looks like `3AA5C34371567BD2` or you can use the email you registered.
---
## 3. Initialise the Store
```bash
pass init "your@email.com"
# or using the key ID:
pass init 3AA5C34371567BD2
```
This creates `~/.password-store/` and a `.gpg-id` file.
Multiple GPG IDs are supported (for team use):
```bash
pass init alice@example.com bob@example.com
```
Use `-p` to scope a different GPG key to a subfolder (useful for shared stores):
```bash
pass init -p work/ work@company.com
```
Running `pass init` on an existing store re-encrypts all entries with the new key(s).
---
## 4. Data Organisation Convention
Store each entry as a **multiline file** with this structure:
```
<password>
url: https://example.com
username: you@example.com
notes: anything extra
```
- **First line is always the password.** `pass -c` and clipboard tools only
copy line 1.
- Use lowercase keys (`url:`, `username:`, `notes:`) for compatibility with
browser extensions and `pass-import`.
- Organise with folders that mirror context, not the URL structure:
```
~/.password-store/
├── email/
│ ├── gmail
│ └── fastmail
├── dev/
│ ├── github
│ └── npm
└── finance/
├── bank-hsbc
└── revolut
```
---
## 5. Daily Usage
### List the store
```bash
pass # full tree
pass email/ # subtree
pass ls email/ # explicit alias
```
### Find entries by name
```bash
pass find github # lists all entries whose path matches "github"
```
### Read a password
```bash
pass email/gmail # print all lines to stdout
pass -c email/gmail # copy line 1 to clipboard (clears after 45s)
pass -c2 email/gmail # copy line 2 (e.g. the username) to clipboard
```
### Search inside decrypted content
```bash
pass grep username # grep across all decrypted entries
pass grep -i "amazon" # case-insensitive; accepts any grep option
```
### Insert an existing password
```bash
pass insert email/gmail # prompted twice for confirmation
pass insert -e email/gmail # echo password as you type (single prompt)
pass insert -m email/gmail # multiline (recommended, ends with Ctrl-D)
pass insert -f email/gmail # overwrite without prompt
```
### Generate a new password
```bash
pass generate email/gmail # 25-char password (default length)
pass generate email/gmail 20 # custom length
pass generate -n email/gmail 20 # no symbols
pass generate -c email/gmail 20 # copy to clipboard instead of printing
pass generate -i email/gmail 20 # replace only line 1, keep rest of file
pass generate -f email/gmail 20 # overwrite without prompt
```
### Edit an entry
```bash
pass edit email/gmail # opens $EDITOR; creates entry if it doesn't exist
```
### Remove an entry
```bash
pass rm email/gmail
pass rm -r email/ # remove a folder recursively
pass rm -f email/gmail # no confirmation prompt
```
### Move / copy
```bash
pass mv email/gmail email/gmail-old
pass mv -f email/gmail email/gmail-old # overwrite without prompt
pass cp email/gmail backup/gmail
pass cp -f email/gmail backup/gmail # overwrite without prompt
```
---
## 6. Git Sync
Initialise git inside the store:
```bash
pass git init
pass git remote add origin git@github.com:you/pass-store.git
```
Every `pass insert`, `generate`, `edit`, `rm` automatically creates a git
commit. Push and pull manually:
```bash
pass git push
pass git pull
```
To clone the store on another machine:
```bash
# Import your GPG key first:
gpg --import private-key.asc
gpg --edit-key your@email.com # then: trust → 5 → quit
# Clone the store:
git clone git@github.com:you/pass-store.git ~/.password-store
```
---
## 7. Extensions
### pass-otp (TOTP / 2FA codes)
```bash
# Install
pacman -S pass-otp # Arch
brew install pass-otp # macOS
# Add a TOTP secret (use the otpauth:// URI from your provider)
pass otp insert totp/github
# paste: otpauth://totp/GitHub:you@example.com?secret=BASE32SECRET&issuer=GitHub
# Generate a code
pass otp totp/github
# Copy to clipboard
pass otp -c totp/github
```
### pass-import (migrate from another manager)
```bash
pip install pass-import # or: pacman -S pass-import
# Import from Bitwarden (JSON export)
pass import bitwarden bitwarden-export.json
# Import from 1Password (1PUX export)
pass import 1password export.1pux
# List all supported formats
pass import --list
```
### pass-update
```bash
# Install
git clone https://github.com/roddhjav/pass-update ~/.password-store/.extensions/update.bash
# Update a password interactively
pass update email/gmail
```
---
## 8. Shell Completion
```bash
# bash — add to ~/.bashrc
source /usr/share/bash-completion/completions/pass
# zsh — add to ~/.zshrc
autoload -U compinit && compinit
# fish — works out of the box after install
```
---
## 9. Useful Environment Variables
| Variable | Purpose |
|-----------------------------------|----------------------------------------------|
| `PASSWORD_STORE_DIR` | Override default `~/.password-store` |
| `PASSWORD_STORE_KEY` | Default GPG key ID |
| `PASSWORD_STORE_GIT` | Override git directory |
| `PASSWORD_STORE_CLIP_TIME` | Seconds before clipboard clears (default 45) |
| `PASSWORD_STORE_ENABLE_EXTENSIONS`| Set to `true` to enable user extensions |
| `EDITOR` | Editor used by `pass edit` |
---
## 10. Troubleshooting
**`gpg: decryption failed: No secret key`**
Your GPG key is not available. Import it with `gpg --import` and set trust.
**`gpg-agent` keeps asking for passphrase**
Add to `~/.gnupg/gpg-agent.conf`:
```
default-cache-ttl 3600
max-cache-ttl 14400
```
Then restart: `gpgconf --kill gpg-agent`
**Clipboard does not clear on Wayland**
Install `wl-clipboard` and set `PASSWORD_STORE_CLIP_TOOL=wl-copy` or pass `-c`
with `wl-clipboard` in PATH.
**pass git shows dirty tree after clone**
Run `pass git status`; if only `.gpg-id` is untracked, run `pass git add .`
and `pass git commit -m "add gpg-id"`.Related Skills
pentest-auth-bypass
Test authentication and session management controls for bypass and account takeover scenarios.
career-compass
职场罗盘 by Barry — 一站式求职辅助 Skill。整合简历解析优化、公司调研(就业向)、同城职位搜索、模拟面试四大模块。输入个人信息/简历,自动生成简历优化方向、公司调研报告、招聘表单,并可进行模拟面试。
local-password
Generate secure random passwords and check password strength. Supports custom length and character types (uppercase, lowercase, numbers, symbols). Pure local operation, no external dependencies. Use when users need to generate new secure passwords or check password strength.
onepassword
1Password Connect — vaults, items, secrets management for server-side applications.
agent-passport-system
Enforcement and accountability layer for AI agents. Bring your own identity (did:key, did:web, SPIFFE, OAuth, did:aps). Gateway enforcement boundary, monotonic narrowing, cascade revocation, spending controls, data lifecycle, observation governance (telemetry scopes, derivation rights, behavioral memory). Use when agents need scoped delegation, trust scoring, constraint enforcement, or cryptographic audit trails. 103 modules, 132 MCP tools, 2535 tests. 8 framework adapters: Stripe, Composio, IBAC/Cedar, LangChain, CrewAI, MCP, A2A, Gonka.
ui-polish-pass
Core pack — always active as final step. Visual polish pass for spacing, hierarchy, alignment, and cleanup. Runs after design-review and ux-baseline-check as the last quality step before presenting work.
Agent Communication Skill (PassDeck)
This skill provides the security and networking foundation for AI Agent swarms. It handles DID (Decentralized Identity) registration, cryptographically secure signing using Ed25519, and E2EE (End-to-End Encryption) for sensitive data.
Skill Operator (PassDeck)
The Skill Operator serves as the orchestration and orchestration engine for collaborative agent sessions. It provides high-performance persistence using Loro-CRDT with an append-only log architecture, ensuring that data is never lost and remains consistent across all agents.
---
name: article-factory-wechat
humanizer
Remove signs of AI-generated writing from text. Use when editing or reviewing text to make it sound more natural and human-written. Based on Wikipedia's comprehensive "Signs of AI writing" guide. Detects and fixes patterns including: inflated symbolism, promotional language, superficial -ing analyses, vague attributions, em dash overuse, rule of three, AI vocabulary words, negative parallelisms, and excessive conjunctive phrases.
find-skills
Helps users discover and install agent skills when they ask questions like "how do I do X", "find a skill for X", "is there a skill that can...", or express interest in extending capabilities. This skill should be used when the user is looking for functionality that might exist as an installable skill.
tavily-search
Use Tavily API for real-time web search and content extraction. Use when: user needs real-time web search results, research, or current information from the web. Requires Tavily API key.