[Bug] op probes Apple Events IPC unconditionally even when OP_SERVICE_ACCOUNT_TOKEN is set — IPC is architecturally unnecessary for SA auth

[tiktax]

Related to #586 — but a distinct, more severe scenario: Service Account authentication in launchd context.

Environment

• macOS 26.4.1 (Tahoe, Apple M4)
• op v2.34.0 (Homebrew)
• Auth: OP_SERVICE_ACCOUNT_TOKEN (SA token — not personal account)
• Context: LaunchAgent (LimitLoadToSessionType = Aqua)

Key Finding (most important)

op successfully resolves and caches all secrets without TCC approval. The popup is purely cosmetic — op does not require Apple Events permission to function with SA token auth.

Secret resolution succeeds in both cases (with and without TCC dialog). This proves the Apple Events probe is unrelated to actual authentication and can be skipped entirely when OP_SERVICE_ACCOUNT_TOKEN is set.

Problem

When op run / op inject is invoked from a LaunchAgent with all suppression flags set, a TCC permission dialog still appears:

"op からほかのアプリからのデータへのアクセス権を求められています"
("op would like to access data from other applications")

export OP_BIOMETRIC_UNLOCK_ENABLED=false
export OP_CACHE=false
export OP_SERVICE_ACCOUNT_TOKEN=<sa_token>
/opt/homebrew/bin/op run --env-file=template.env -- echo "OK"

The permission is never recorded in System Settings → Privacy & Security → Automation, regardless of how many times "Allow" is clicked. The popup recurs on every launchd invocation.

Minimal Reproduction

minimum_repro.sh:

#!/bin/bash
export OP_BIOMETRIC_UNLOCK_ENABLED=false
export OP_CACHE=false
export OP_SERVICE_ACCOUNT_TOKEN="<your_sa_token>"
/opt/homebrew/bin/op run --env-file=/tmp/test-secrets.tpl -- echo "OK"
# terminal (Warp/iTerm2): no popup ✅
# via launchd below: TCC popup ❌ (despite secrets resolving successfully)

~/Library/LaunchAgents/minimum_repro.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key><string>com.test.op-repro</string>
    <key>ProgramArguments</key>
    <array>
        <string>/bin/bash</string>
        <string>/path/to/minimum_repro.sh</string>
    </array>
    <key>EnvironmentVariables</key>
    <dict>
        <key>HOME</key><string>/Users/yourname</string>
    </dict>
    <key>RunAtLoad</key><true/>
</dict>
</plist>

launchctl load ~/Library/LaunchAgents/minimum_repro.plist
# → TCC popup appears immediately, secret resolves successfully anyway

Expected Behavior

When OP_SERVICE_ACCOUNT_TOKEN is set, op should authenticate exclusively via HTTPS to the 1Password API. No Apple Events IPC with 1Password.app should be attempted — the desktop app plays no role in SA-based authentication.

Actual Behavior

op makes an Apple Events probe that:

1. Is unrelated to actual secret resolution (SA token uses HTTPS directly)
2. Fires unconditionally regardless of OP_CACHE=false and OP_BIOMETRIC_UNLOCK_ENABLED=false
3. Behaves differently by execution context: no popup from interactive terminal, popup from launchd — despite identical env vars

Impact

In always-on headless environments (Mac mini home server), this generates recurring TCC dialogs that cannot be permanently dismissed:

1. /opt/homebrew/bin/op has no bundle identifier registered with Launch Services
2. tccutil cannot manipulate permissions for unregistered binaries
3. TCC.db is protected by SIP on macOS Sequoia/Tahoe

Suggested Fix

if OP_SERVICE_ACCOUNT_TOKEN is set:
    skip Apple Events IPC probe entirely
    use HTTPS SA authentication only

This is a one-line flag check. The probe provides zero value when SA token auth is configured.

Current Workaround

Cache secrets at login via a separate script; serve LaunchAgents from the cached env file. Avoids calling op from launchd entirely. Significant operational complexity for what should be a single conditional check on the op side.