From bcbc7d2ee0c9064d24e00628bcf5e7dcc6a7083b Mon Sep 17 00:00:00 2001 From: sd0xdev <107539203+sd0xdev@users.noreply.github.com> Date: Fri, 30 Jan 2026 23:44:38 +0800 Subject: [PATCH 1/2] Forward OP_SERVICE_ACCOUNT_TOKEN to container - Add OP_SERVICE_ACCOUNT_TOKEN to MoltbotEnv and forward into container env whitelist - Document optional OP token in README and dev vars example - Redact secrets from start-moltbot.sh config logging --- .dev.vars.example | 3 +++ README.md | 1 + src/gateway/env.ts | 3 +++ src/types.ts | 4 ++++ start-moltbot.sh | 14 +++++++++++++- 5 files changed, 24 insertions(+), 1 deletion(-) diff --git a/.dev.vars.example b/.dev.vars.example index 6d16811..759ec71 100644 --- a/.dev.vars.example +++ b/.dev.vars.example @@ -24,3 +24,6 @@ MOLTBOT_GATEWAY_TOKEN=dev-token-change-in-prod # CDP (Chrome DevTools Protocol) configuration for browser automation # CDP_SECRET=shared-secret-for-cdp-auth # WORKER_URL=https://your-worker.example.com + +# 1Password Service Account auth (optional) +# OP_SERVICE_ACCOUNT_TOKEN=ops_... diff --git a/README.md b/README.md index 90bf7b7..1433b6b 100644 --- a/README.md +++ b/README.md @@ -381,6 +381,7 @@ The `AI_GATEWAY_*` variables take precedence over `ANTHROPIC_*` if both are set. | `SLACK_APP_TOKEN` | No | Slack app token | | `CDP_SECRET` | No | Shared secret for CDP endpoint authentication (see [Browser Automation](#optional-browser-automation-cdp)) | | `WORKER_URL` | No | Public URL of the worker (required for CDP) | +| `OP_SERVICE_ACCOUNT_TOKEN` | No | 1Password Service Account token for `op` CLI inside the container | ## Security Considerations diff --git a/src/gateway/env.ts b/src/gateway/env.ts index a57e781..205d4a4 100644 --- a/src/gateway/env.ts +++ b/src/gateway/env.ts 
@@ -56,5 +56,8 @@ export function buildEnvVars(env: MoltbotEnv): Record { if (env.CDP_SECRET) envVars.CDP_SECRET = env.CDP_SECRET; if (env.WORKER_URL) envVars.WORKER_URL = env.WORKER_URL; + // 1Password Service Account token for `op` CLI inside the container + if (env.OP_SERVICE_ACCOUNT_TOKEN) envVars.OP_SERVICE_ACCOUNT_TOKEN = env.OP_SERVICE_ACCOUNT_TOKEN; + return envVars; } diff --git a/src/types.ts b/src/types.ts index bb82c8c..5ce6799 100644 --- a/src/types.ts +++ b/src/types.ts @@ -37,6 +37,10 @@ export interface MoltbotEnv { BROWSER?: Fetcher; CDP_SECRET?: string; // Shared secret for CDP endpoint authentication WORKER_URL?: string; // Public URL of the worker (for CDP endpoint) + + // 1Password Service Account authentication + // If set, the `op` CLI inside the container can authenticate non-interactively. + OP_SERVICE_ACCOUNT_TOKEN?: string; } /** diff --git a/start-moltbot.sh b/start-moltbot.sh index 7e225e8..2e07b1f 100644 --- a/start-moltbot.sh +++ b/start-moltbot.sh 
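Review bot: The new `if (env.OP_SERVICE_ACCOUNT_TOKEN)` line forwards the token into the container environment on a bare truthiness check, so every process in that container — including anything the bot itself executes — inherits a credential that can read (and, depending on the service account's grants, write) vault items, and neither this comment nor the types.ts one says how narrow that account should be. I would extend the new comment to carry the caveat: `// SECURITY: visible to every process in the container — scope the 1Password service account to the minimum vaults/permissions and rotate it if the container is compromised`. The README row added in this patch could repeat the same caveat so operators see it where they configure the variable. If service-account tokens reliably carry the `ops_` prefix shown in `.dev.vars.example`, a startup warning when the value does not start with it would catch a pasted personal token, but I could not confirm that format from this diff. `buildEnvVars` begins outside the hunk.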
@@ -268,7 +268,19 @@ if (isOpenAI) { // Write updated config fs.writeFileSync(configPath, JSON.stringify(config, null, 2)); console.log('Configuration updated successfully'); -console.log('Config:', JSON.stringify(config, null, 2)); + +// Avoid logging secrets (tokens, bot tokens, api keys, etc.) +const redacted = JSON.parse(JSON.stringify(config)); +try { + if (redacted.gateway?.auth?.token) redacted.gateway.auth.token = ''; + if (redacted.channels?.telegram?.botToken) redacted.channels.telegram.botToken = ''; + if (redacted.channels?.discord?.token) redacted.channels.discord.token = ''; + if (redacted.channels?.slack?.botToken) redacted.channels.slack.botToken = ''; + if (redacted.channels?.slack?.appToken) redacted.channels.slack.appToken = ''; + if (redacted.models?.providers?.anthropic?.apiKey) redacted.models.providers.anthropic.apiKey = ''; + if (redacted.models?.providers?.openai?.apiKey) redacted.models.providers.openai.apiKey = ''; +} catch {} +console.log('Config (redacted):', JSON.stringify(redacted, null, 2)); EOFNODE # ============================================================ From d651ecb78f59be47b4e29c709aff46d9c095284b Mon Sep 17 00:00:00 2001 From: sd0xdev <107539203+sd0xdev@users.noreply.github.com> Date: Fri, 30 Jan 2026 23:45:12 +0800 Subject: [PATCH 2/2] test: cover OP_SERVICE_ACCOUNT_TOKEN forwarding --- src/gateway/env.test.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/gateway/env.test.ts b/src/gateway/env.test.ts index 29f033d..8abed9d 100644 --- a/src/gateway/env.test.ts +++ b/src/gateway/env.test.ts 
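Review bot: The redaction added after `console.log('Configuration updated successfully')` is a fixed list of seven paths, so any credential outside it — a provider other than `anthropic`/`openai`, an AI-gateway key the README mentions, or any field added later — still reaches the log in clear; the removed `console.log('Config:', …)` logged everything, and this narrows that leak without closing it. A walk that masks by key name needs no upkeep as the config grows and is safer by default. The `try { … } catch {}` is dead code, since optional chaining on a plain object does not throw, and blanking to `''` instead of a marker hides whether the field was set at all, which is the one thing a redacted log is still useful for. This block sits inside a heredoc whose `EOFNODE` opening is outside the hunk.

```javascript
console.log('Configuration updated successfully');

// Log the config with credentials masked. Match on key name rather than a
// fixed path list so new channels/providers (and any future secret field)
// are covered without touching this code.
const SECRET_KEY = /(token|secret|key|password|credential)/i;
function redactSecrets(value) {
  if (Array.isArray(value)) return value.map(redactSecrets);
  if (value && typeof value === 'object') {
    return Object.fromEntries(
      Object.entries(value).map(([k, v]) =>
        [k, SECRET_KEY.test(k) && typeof v === 'string' && v !== '' ? '[REDACTED]' : redactSecrets(v)]),
    );
  }
  return value;
}
console.log('Config (redacted):', JSON.stringify(redactSecrets(config), null, 2));
// … unchanged: EOFNODE and the following section header …
```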
@@ -110,6 +110,12 @@ describe('buildEnvVars', () => { expect(result.SLACK_APP_TOKEN).toBe('slack-app'); }); + it('includes OP_SERVICE_ACCOUNT_TOKEN when set', () => { + const env = createMockEnv({ OP_SERVICE_ACCOUNT_TOKEN: 'ops_test_token' }); + const result = buildEnvVars(env); + expect(result.OP_SERVICE_ACCOUNT_TOKEN).toBe('ops_test_token'); + }); + it('maps DEV_MODE to CLAWDBOT_DEV_MODE for container', () => { const env = createMockEnv({ DEV_MODE: 'true',
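Review bot: The new `it('includes OP_SERVICE_ACCOUNT_TOKEN when set', …)` case pins only the positive path; the property that matters for an env whitelist is that an unset token is not forwarded as `undefined` or `''`, and nothing asserts that. Assuming `createMockEnv` leaves unspecified fields unset (the sibling tests appear to rely on that, but the helper is outside this diff), a one-line companion covers it: `expect(buildEnvVars(createMockEnv({})).OP_SERVICE_ACCOUNT_TOKEN).toBeUndefined();`. Pairing the two also documents that an empty string is deliberately treated as absent by the truthiness check in `buildEnvVars`.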