Password Policy Auditor

The password-policy-auditor skill is a legitimate security tool designed to audit authentication configurations. It uses standard tools like ripgrep (rg) to scan local source code for hashing algorithms and password validation logic (SKILL.md). It includes a safe Python implementation of the HaveIBeenPwned k-Anonymity API to check for breached passwords without exposing the full hash. No evidence of data exfiltration, malicious execution, or persistence was found.