安全密码生成器

v1.0.0

安全的随机密码生成器。支持自定义长度、字符类型（大小写字母、数字、特殊符号）、排除相似字符、批量生成。纯Python标准库，无需API Key。

⭐ 0· 18·0 current·0 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for freedompixels/cn-password-generator.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "安全密码生成器" (freedompixels/cn-password-generator) from ClawHub.
Skill page: https://clawhub.ai/freedompixels/cn-password-generator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install freedompixels/cn-password-generator

ClawHub CLI

Package manager switcher

npx clawhub@latest install cn-password-generator

Security Scan

Capability signals

Requires sensitive credentials

These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal

Benign

View report →

OpenClaw

Suspicious

high confidence

Purpose & Capability

The skill's stated purpose is a 'secure' password generator, but the implementation uses the standard library random module (random.choice) rather than the cryptographically secure secrets module or SystemRandom. That mismatch undermines the 'secure' claim. Additionally SKILL.md says to call scripts/password_generator.py while the repo includes password_generator.py at top level — a path/packaging inconsistency.

Instruction Scope

SKILL.md describes examples in natural language and says to call scripts/password_generator.py; it doesn't provide an exact invocation pattern for an agent and references a script path that doesn't exist in the file manifest. The instructions do not ask for any unrelated files/envs, which is good, but the ambiguous/incorrect path may cause an agent to fail or attempt alternative actions.

✓

Install Mechanism

No install spec is provided (instruction-only with an included Python file). Nothing is downloaded or written to disk by an install step, so install risk is low.

✓

Credentials

The skill requires no environment variables, credentials, or config paths — this is proportional to a password generator.

✓

Persistence & Privilege

The skill does not request always: true, does not modify other skills, and has no elevated persistence or privileges.

What to consider before installing

This skill is functionally a password generator, but treat it as 'not suitable for high-security use' in its current form. The main issue is cryptographic: replace usage of random.choice with the secrets module (e.g., secrets.choice or secrets.token_urlsafe) or use secrets.SystemRandom to ensure unpredictability. Also fix the SKILL.md invocation (it references scripts/password_generator.py while the file is password_generator.py). Before using for real accounts, run tests to confirm entropy/length meet your policy, or prefer a well-reviewed system utility (OS password store or established password manager) for high-value credentials. If you install or run it, review and modify the code locally to use secrets, and verify the command-line interface behavior you expect.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b884qm2966nypmmz0w4a4s585kkbg

18downloads

0stars

1versions

Updated 5h ago

v1.0.0

MIT-0

安全密码生成器

安全的随机密码生成器，纯Python标准库实现，无需API Key，开箱即用。

功能

随机密码生成（默认16位）
自定义字符类型：大写、小写、数字、特殊符号
排除相似字符（0O1lI等），避免混淆
批量生成多个密码
纯标准库，零依赖

使用示例

生成一个16位密码
生成10个20位强密码
生成不含特殊符号的12位密码

技术实现

调用 scripts/password_generator.py 生成密码，支持参数：

长度（默认16）
字符类型开关（大写/小写/数字/特殊符号）
排除相似字符（--exclude-similar）
生成数量

Comments

Loading comments...