Security Passwords
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent instruction-only collection of password wordlists for authorized testing, but the content is dual-use and should only be used with permission.
Install this only if you need password wordlists for authorized security testing or education. Do not let an agent use these lists against live systems unless you have explicit permission and clear scope, targets, and rate limits.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If paired with separate attack/testing tools, these wordlists could be used against login systems, including unauthorized systems if misused.
The skill explicitly provides material useful for password spraying and brute-force testing. That is coherent with its stated purpose and includes authorization language, but it is still dual-use.
Use this skill when you need: - Password spraying (authorized) - Credential testing - Password policy validation - Brute force testing (authorized)
Use only within a written authorized scope, and require explicit target, timing, rate-limit, and approval boundaries before using these lists with any testing tool.
Users relying on exact upstream provenance or licensing may want to verify that the packaged wordlists match the cited SecLists source.
The registry metadata does not provide a verified source or homepage, even though the SKILL.md cites SecLists. Because there is no code or install execution, this is a provenance note rather than a direct execution concern.
Source: unknown Homepage: none
If provenance is important, compare the included files against the upstream SecLists repository before use.