Neat. You might be interested in <a href="https://dmno.dev" rel="nofollow">https://dmno.dev</a><p>It let's you define a full schema for your config - including both sensitive and non-sensitive items - and then use plugins to pull sensitive values from a variety of backends, including 1password.<p>It's a bit more focused on application config rather than injecting a bunch of stuff into your shell, but no reason why you couldn't use it for that too.