Password Generator
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: password-gen Version: 1.0.0 The skill bundle provides a local password generator. The `SKILL.md` is purely instructional and contains no prompt injection attempts. The `scripts/password-gen.py` script uses the cryptographically secure `secrets` module for randomness, performs no network requests, and does not access sensitive files or environment variables. All operations are confined to local password generation, passphrase creation, and strength analysis, aligning perfectly with its stated purpose without any high-risk behaviors or malicious indicators.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill means allowing the agent or user to run a local script to generate or analyze passwords.
The skill's intended workflow runs the included local Python helper. This is purpose-aligned and the provided source does not show dynamic execution, downloads, or network use.
python3 scripts/password-gen.py generate
Run it only from the trusted skill directory and review the included script if you want assurance about local behavior.
Generated or analyzed passwords may be visible on screen, in terminal history, or in local logs if the user is not careful.
The skill intentionally handles password-like values through command-line input and plaintext terminal output. This is disclosed and purpose-aligned, but passwords are sensitive.
python3 scripts/password-gen.py analyze "MyPassword123!" ... Generated passwords are shown in plain text ... Don't save passwords in command history
Use a private terminal, avoid analyzing real existing passwords via command-line arguments, and store generated passwords in a password manager.
A generated passphrase, especially with few words, may be easier to guess than a user expects from a security-focused password tool.
Passphrase mode uses a small fixed word list and returns a fixed medium strength label, so the skill's general secure-password framing should be interpreted cautiously for passphrases.
def generate_passphrase(word_count=4, separator="-") ... words = [ ... ] ... "strength": "中"
For important accounts, prefer the random password generator with sufficient length or use a passphrase generator with a much larger word list and accurate entropy scoring.