58 points by sudo_chmod, 5 hours ago, 12 comments
  • Uvix, 4 hours ago
    Reading the article, it sounds like this is the other way around? Bitwarden is offering a new API, and OneCLI Agent Vault is integrating with the new API.
    • stronglikedan, 3 hours ago
      Integration is a two-way street. It doesn't matter which is stated first.
      • malfist, 2 hours ago
        I added "login with google" to my website. Should I go to the news media to brag about how google is launching an integration with me?
      • jMyles, 3 hours ago
        I disagree that integration is commutative.

        Often, we see a feature which is important to free use of a computer as a general-purpose tool locked behind an ever-changing and/or poorly documented API in a closed-source, centralized, de-facto-government-subsidized project.

        The power dynamics of that situation are not symmetrical, so it does matter which project(s) are using which API(s) of the other(s).

  • SkyPuncher, 3 hours ago
    These tools are useful, but I can't help but feel like they're solving the wrong part of the problem. I really don't have much concern that an agent has access to one of my credentials. Outside of production, most of these credentials are going to be limited in privilege and self-rotatable.

    What remains terrifying is the ability to exfil important data or run commands that are malicious.

    • jadengeller, 3 hours ago
      exfiltrating a credential provides persistent access (until detected and rotated) tho! probably one of the more leveraged things to prevent
  • lucideer, 4 hours ago
    I really don't understand the HN comments here.

    Lots of assumptions that the article is AI-authored (it could be but I'm not seeing overtly obvious signs - it's quite readable) & a lot of ungrounded assumptions that this is somehow related to Bitwarden integrating AI into their product.

    I really thought reading comprehension among HN users was better than this.

  • rvz, 4 hours ago
    OneCLI does not even have a security audit, and a VC-backed password manager believes that it is secure enough to integrate into their password manager.

    I could not be any more bearish on Bitwarden than before after looking at this, and I'm very glad that I don't use them.

    • JaggedJax, 3 hours ago
      I don't understand why this would change any opinion on Bitwarden. Bitwarden offers an API and OneCLI calls the Bitwarden API. How does a 3rd party calling Bitwarden's API say anything about Bitwarden?

      Edit: I can see on Bitwarden's site they also call out their support for OneCLI, so I suppose that looks like Bitwarden saying they approve of and recommend OneCLI. But I see recommending an open source solution as a lot less problematic than recommending any other random private startup solution.

    • 8cvor6j844qw_d6, 3 hours ago
      [dead]
  • sneak, 4 hours ago
    How soon until those of us who are running Vaultwarden need to fork the Bitwarden clients, too?
  • bundie, 4 hours ago
    EDIT: My bad. I saw "agent" and immediately thought of AI.
    • warkdarrior, 4 hours ago
      It doesn't, this is why this announcement is not about Bitwarden incorporating AI.
  • gmerc, 4 hours ago
    Took VC money, here comes the AI enshittification.
  • mergeshield, 4 hours ago
    [flagged]
  • brumbelow, 5 hours ago
    [flagged]
    • aduermael, 4 hours ago
      How so? From what I understand, all requests have to be proxied through OneCLI so that agent can't see your keys.
      • garettmd, 4 hours ago
        It used to be that people didn't read the article, now they don't even read the headline.
      • rvz, 3 hours ago
        OneCLI assumes that the proxy is fully trusted by the agent and it still has authorized access to your accounts.

        What happens when the agent environment is breached? All you need is the fake key + URL of the proxy and that maps to your real keys and you can make authorized requests outside of the agent.

        The real keys don't have to be leaked, just the fake ones have to map to the real one; so unless they are rotated, then this is a problem.

        • brumbelow, 2 hours ago
          Exactly. I appreciate the considerations they have already taken; this is definitely a problem that needs to be addressed as agentic AI continues its warpath.

          However, this feels to me like widening the attack surface rather than tightening security. I'm going to dig into this over the next few weeks. Hopefully I prove myself wrong.

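The exchange above (aduermael's description of requests being proxied so the agent never sees the key, and rvz's objection that the placeholder plus the proxy URL is then itself a credential) can be made concrete. The following is an added example, not OneCLI's or Bitwarden's code and not a claim about how OneCLI actually binds placeholders: a toy substitution proxy in two variants. `NaiveProxy` maps a static placeholder to a real key, so a leaked placeholder replayed from an attacker's machine still produces an authorized request. `BoundProxy` ties each placeholder to a caller identity the proxy derives on its own (assumed here to come from the transport, e.g. peer credentials on a local socket or mTLS), to a destination allowlist and to a short TTL. All secret names, token values, caller identities and hostnames are constructed for the demo.

```python
# Added example (not OneCLI's or Bitwarden's code). Secrets, caller ids and
# hosts below are constructed for illustration only.
import hmac
import secrets
import time

# Constructed stand-in for what would live in the vault.
REAL_SECRETS = {"GITHUB_TOKEN": "ghp_CONSTRUCTED_REAL_TOKEN"}


class NaiveProxy:
    """Static placeholder -> real key. The placeholder is itself a long-lived
    bearer credential: anyone holding it plus the proxy URL gets authorized
    requests made until the mapping is rotated."""

    def __init__(self):
        self._map = {"PLACEHOLDER_GITHUB": "GITHUB_TOKEN"}

    def forward(self, placeholder, host, caller_id):
        name = self._map.get(placeholder)
        if name is None:
            raise PermissionError("unknown placeholder")
        # caller_id and host are ignored: possession of the string is enough.
        return {"host": host, "authorization": f"Bearer {REAL_SECRETS[name]}"}


class BoundProxy:
    """Placeholder bound to a caller identity the proxy derives itself
    (assumed: peer credentials on a local socket, mTLS or a sandbox identity,
    never a header the client supplies), to a destination allowlist, and to
    a short TTL. Stealing the placeholder string alone is not enough."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._grants = {}

    def issue(self, secret_name, caller_id, allowed_hosts, ttl_s):
        placeholder = "ph_" + secrets.token_urlsafe(16)
        self._grants[placeholder] = {
            "secret": secret_name,
            "caller_id": caller_id,
            "hosts": frozenset(allowed_hosts),
            "expires_at": self._clock() + ttl_s,
        }
        return placeholder

    def forward(self, placeholder, host, caller_id):
        g = self._grants.get(placeholder)
        if g is None:
            raise PermissionError("unknown placeholder")
        if self._clock() > g["expires_at"]:
            del self._grants[placeholder]
            raise PermissionError("expired")
        if not hmac.compare_digest(caller_id.encode(), g["caller_id"].encode()):
            raise PermissionError("placeholder not bound to this caller")
        if host not in g["hosts"]:
            raise PermissionError("destination not allowlisted")
        return {"host": host, "authorization": f"Bearer {REAL_SECRETS[g['secret']]}"}


def naive_breach_demo():
    """Agent environment is breached and the placeholder leaks. Replaying it
    from an attacker-controlled host still yields a request with the real key."""
    proxy = NaiveProxy()
    leaked = "PLACEHOLDER_GITHUB"
    req = proxy.forward(leaked, "api.github.com", caller_id="attacker-box")
    return req["authorization"] == "Bearer " + REAL_SECRETS["GITHUB_TOKEN"]


def bound_breach_demo():
    """Same leak against the bound proxy; returns the outcome of each attempt."""
    now = [1_000.0]
    proxy = BoundProxy(clock=lambda: now[0])
    ph = proxy.issue("GITHUB_TOKEN", "agent-sandbox-42", {"api.github.com"}, ttl_s=300)
    attempts = {
        "legit": ("api.github.com", "agent-sandbox-42"),
        "stolen": ("api.github.com", "attacker-box"),
        "exfil_host": ("evil.example", "agent-sandbox-42"),
    }
    results = {}
    for label, (host, caller) in attempts.items():
        try:
            proxy.forward(ph, host, caller)
            results[label] = "allowed"
        except PermissionError as e:
            results[label] = str(e)
    now[0] += 301  # TTL elapses; even the legitimate caller is cut off
    try:
        proxy.forward(ph, "api.github.com", "agent-sandbox-42")
        results["expired"] = "allowed"
    except PermissionError as e:
        results["expired"] = str(e)
    return results


if __name__ == "__main__":
    print("naive proxy, leaked placeholder replayed from outside:", naive_breach_demo())
    for k, v in bound_breach_demo().items():
        print(f"bound proxy, {k}: {v}")
```

The design point is where `caller_id` comes from. If the proxy reads it from a header or from the placeholder request body, it is just a second string that leaks along with the first; it only helps when the proxy derives it from something the breached agent environment cannot forge or carry out, such as the peer credentials of a local socket or a client certificate whose key never enters the sandbox. Binding and TTLs narrow the window, but they do not remove the need to rotate the real key after a breach, and the proxy itself (which holds every mapping) remains the high-value target.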
  • post-it, 4 hours ago
    [flagged]
    • voidfunc, 4 hours ago
      Who cares? Did you get the point of the message or not?

      People trying to detect AI and seeing red the moment their AI-sniff test fails are killing discourse.

      • post-it, 2 hours ago
        The authors want me to trust them to handle all my passwords. I'm not going to do that if they don't respect me enough to tell me I'm reading AI-generated content.
        • voidfunc, 2 hours ago
          You need to articulate why you care better. Why is "AI generated content" a problem for you specifically?
      • a456463, 4 hours ago
        Lmao... People using AI are killing discourse. And then come along bootlickers like you.
        • voidfunc, 3 hours ago
          You're right, it's actually the people throwing around inflammatory statements like "bootlickers" to virtue signal and score fake internet points that are doing the most harm.
    • falcor84, 4 hours ago
      Is there anything actually bad with that writing (other than implying that theirs is the first system to solve this)?

      AI has been RLHF post-trained to generate text that people find clear to read. Are you now looking to reject clear writing just to spite AI labs?

      • antonyt, 4 hours ago
        Pieces of writing don’t really exist in isolation. Your opinion of a given chunk is formed not only by it, but by everything else you have read.

        So in one part the negative reaction is to staleness. Everything sounds the same.

        If it was all the same but dry, terse, and to the point (like technical writing), it wouldn’t be so bad.

        But it’s repetitive with an annoying, breathless, get-ready-to-be-impressed voice that many of us find grating.

        • falcor84, 40 minutes ago
          I agree in principle, but this is a press release, and I personally am finding AI-assisted marketing copy to be much nicer and easier to read than human copywriter-written ones.
  • rcakebread, 4 hours ago
    Did you mean to post this on April 1st?
    • e7h4nz, 4 hours ago
      Did you actually read this article or try to understand what OneCLI does?
      • dandellion, 4 hours ago
        Nobody wrote that article, why should anybody read it?
  • AnonC, 4 hours ago
    Tangential: Where is Bitwarden on the below roadmap right now? It wasn’t even good to users, but was an alternative to 1Password and others that had long crossed this bridge.

    ‘Here is how platforms die: first, they are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die. I call this enshittification, and it is a seemingly inevitable consequence arising from the combination of the ease of changing how a platform allocates value, combined with the nature of a "two-sided market", where a platform sits between buyers and sellers, hold each hostage to the other, raking off an ever-larger share of the value that passes between them.’

    - Cory Doctorow

    • ilitirit, 4 hours ago
      > It wasn’t even good to users

      I may be out of the loop, but how was Bitwarden not "good" to users? Does this relate to the recent price increase?

    • falcor84, 4 hours ago
      I don't get what semantic value you're getting by pasting this. It's almost like saying "VC-funded tech = bad", which is an ironic stance to take on this platform.

      Is there anything that bitwarden did that is actually bad for you as a customer of theirs?

    • rschiavone, 4 hours ago
      What's wrong with 1Password?
      • Uvix, 4 hours ago
        They switched from a purchase with local vault storage model (where you could sync it to the cloud if you wanted to) to subscription-only with cloud storage they control.
        • mrweasel, 3 hours ago
          Short of using pass, what are some good alternatives? My main criticism of 1Password has been the cost, but it is a very good password manager, and the price seems to have gone down... Or at least the dollar has weakened enough that the price has come down for me.
          • gnabgib, 2 hours ago
            • mrweasel, an hour ago
              Weird that their website isn't updated yet. My subscription renewed earlier this year and I noticed that the price had come down, but that's because the dollar has lost 15% of its value since last year.

              That is a pretty big price bump though, and I think it's going to cost them. It's certainly enough that I'll reconsider Bitwarden.

          • avtar, 2 hours ago
            > and price seems to have gone down

            They sent an email a couple of months ago stating prices were increasing as of Mar 27. The family plan went from $59.88 USD per year to $71.88. But it's still worth it IMO.