ClawHub

Password Gen

v1.0.0

Generate secure passwords, passphrases, and PINs with entropy analysis. Use when the user needs a random password, passphrase, PIN, or wants to check how str...

0· 108·0 current·0 all-time
byJohn Wang@johnnywang2001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and instructions: the Python script generates passwords, passphrases, PINs, batch output, JSON output, and performs entropy analysis. Required binaries, env vars, and config paths are none — appropriate for a small Python-based utility.
Instruction Scope
SKILL.md limits operations to running the bundled script and showing options; the script itself is consistent with that. One noteworthy behavior: the script will attempt to download the EFF large wordlist from https://www.eff.org and cache it in the system temp directory, falling back to a bundled 200-word list if download fails. Also, generated secrets are printed to stdout/JSON — running this in an environment where agent/chat logs are recorded could store secrets in logs or transcripts.
Install Mechanism
No install spec is provided and no external packages are required; this is instruction-only with a bundled Python script. No downloads of code from obscure hosts are performed (only the EFF wordlist from eff.org).
Credentials
The skill requires no environment variables or credentials. The script does not read system config or secrets. It writes a cached wordlist to the OS temp directory, which is proportionate to its purpose.
Persistence & Privilege
always is false and the skill does not request elevated or persistent privileges, nor does it modify other skills or system-wide agent settings. Its only filesystem action is caching the wordlist under the temp directory.
Assessment
This skill appears to do exactly what it says: generate and analyze passwords using a bundled Python script. Review the script if you want to confirm behavior (it is small and readable). Two practical cautions: (1) the script may download the EFF wordlist from eff.org and cache it in your system temp directory — if you need strictly offline operation, run it in an isolated environment or modify the script to force use of the builtin list; (2) generated passwords and passphrases are printed to stdout/JSON and could be captured in agent logs or chat transcripts — avoid using the skill in contexts where outputs are recorded or shared if you need maximum secrecy. If those constraints are acceptable, the skill is coherent and proportionate to its stated purpose.

Like a lobster shell, security has layers — review code before you run it.

latestvk970h7wfc6s77mwwnztcqk5sk983c9qz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments