Openssl
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill coherently provides OpenSSL commands for generating random secrets, with only minor setup and local-command awareness notes.
This skill appears safe for its stated purpose. Before installing, make sure OpenSSL is available on your system and remember that generated passwords, API keys, or tokens should be copied and stored securely without leaving them in shared logs or conversations.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may provide or run local OpenSSL-based commands to generate passwords or tokens, which is aligned with the skill purpose.
The skill documents local shell command pipelines for generating secrets. This is expected for an OpenSSL helper skill, but users should understand it relies on local command execution and prints generated secrets to the session.
openssl rand -base64 48 | tr -dc 'a-zA-Z0-9' | head -c 32
Use the commands only in a trusted local environment and avoid exposing generated secrets in shared chats, logs, or screenshots.
The skill may not work as expected if OpenSSL is not installed or available on the user's system.
The skill depends on the OpenSSL binary, while the provided requirements metadata lists no required binaries. This is a metadata completeness issue rather than evidence of unsafe behavior.
Generate cryptographically secure random data using `openssl rand`.
Confirm OpenSSL is installed and consider updating the skill metadata to declare `openssl` as a required binary.