It does have an "open and fill" feature which autofills, but only immediately after opening the site by URL first. (So the attacker's URL would have to be saved in 1Password along side your credentials.)

This is actually how I use 1Password most often. Global hotkey of cmd+opt+\, type a site name, hit enter: 1Password opens the site and logs in.