[Feature request] Allow one-off CLI queries
We're trying to integrate 1Password into an internal CLI tool, and we'd like to mitigate the risk against malware accessing 1Password via the 1password-cli after the user unlocks it with our tool. Currently, we signout immediately after reading the password, but there's still a few milliseconds where an attacker could access 1Password before we can relock it.
It would be great to make the CLI authenticate requests as a one-off, without unlocking the whole app. Personally, I'd love for this to be the default, but at least a flag to enable this. With this feature, we could do op item get "Foo Service" --field password --one-off and extract the password from 1Password without other processes being able to run op queries in parallel to access.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided