pass - stores, retrieves, generates, and synchronizes passwords securely
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: pass
Version: 1.0.0

The skill provides a comprehensive guide for the `pass` password manager, including installation and usage instructions. While the core functionality and most commands are benign and directly related to the stated purpose, the skill is classified as suspicious because of its instructions for installing the `pass-update` extension. Those instructions use a `git clone` command to fetch a shell script (`update.bash`) from a third-party GitHub repository (https://github.com/roddhjav/pass-update) onto the user's system. Although `pass-update` is a legitimate extension, this method of installation introduces a supply chain risk for the user, as the skill itself does not verify the integrity of the external repository; it represents a risky capability without clear malicious intent. This instruction is found in `SKILL.md`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Commands from this guide may access or modify real passwords, OTP secrets, and GPG keys.
The skill is explicitly about managing stored passwords and GPG secret-key material. This is purpose-aligned, but it is high-impact credential handling.
`Each password is a GPG-encrypted file under ~/.password-store/` ... `gpg --import private-key.asc`
Run commands only for stores, keys, and accounts you intend to manage; keep private key export files and OTP secrets protected.

Passwords or metadata could be exposed if decrypted output is displayed or pasted into a shared context.
The guide includes commands that can display decrypted password-store contents in terminal output, where they could be copied into logs or an agent conversation.
`pass email/gmail # print all lines to stdout` ... `pass grep username # grep across all decrypted entries`
Prefer clipboard-oriented commands like `pass -c` when possible, avoid broad decrypted searches unless necessary, and do not paste secret outputs into chats or logs.

A wrong path or force flag could delete or overwrite password entries without another confirmation.
The guide documents recursive deletion and force-overwrite commands. They are normal pass operations, but mistakes could remove or replace credentials.
`pass rm -r email/ # remove a folder recursively` ... `pass rm -f email/gmail # no confirmation prompt` ... `pass generate -f email/gmail 20 # overwrite without prompt`
Double-check entry paths before running destructive commands, and avoid `-f` or `-r` unless you are certain.

Credential changes may persist in git history and propagate to other machines after sync.
The skill describes git-backed synchronization of password-store changes. This is expected for pass, but mistaken edits or deletions can be committed and later pushed to other systems.
`Every pass insert, generate, edit, rm automatically creates a git commit. Push and pull manually: pass git push`
Use a private remote, review changes before pushing, and keep backups or recovery options for the password store.

Installing password-management tools from untrusted or unexpected package sources could put credentials at risk.
The skill recommends installing pass and extensions from system package managers or pip. This is normal for the guide, but users still depend on the integrity of those package sources.
`brew install pass` ... `pip install pass-import` ... `pacman -S pass-otp`
Install only from trusted repositories, verify package names, and be cautious with third-party extensions that process password exports.
