Ravi passwords
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This is a disclosed password-manager skill, but its documented workflows can expose plaintext website passwords, potentially the whole vault, to the agent and an external Ravi service.
Use this only if you intentionally want the agent to manage website passwords through Ravi. Verify the Ravi CLI/service first, avoid broad `list` operations that reveal all passwords, and require confirmation before retrieving, displaying, updating, or deleting any credential.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A login task for one site could expose many stored website passwords in command output, transcripts, shell history, or logs.
The documented list operation returns plaintext passwords and the common pattern uses it to search for one domain, so unrelated saved passwords may be retrieved into the agent/tool context.
"ravi passwords list" ... "password": "S3cret!" ... ENTRY=$(ravi passwords list | jq -r '.[] | select(.domain == "example.com")')
Use a metadata-only list or domain-specific lookup if available, retrieve only the credential the user requested, and require explicit user approval before displaying or using any password.
Anyone or anything that can use this skill in the user’s session may be able to retrieve credentials that grant access to websites.
The skill explicitly handles plaintext website credentials through the Ravi service; this is purpose-aligned for a password manager but gives access to user accounts.
All credential fields (username, password, notes) are server-side encrypted — you send and receive plaintext.
Install only if you trust Ravi with website passwords, do not store API keys or unrelated secrets here, and limit use to user-approved login/signup tasks.
An accidental or autonomous update/delete could remove a saved password or replace it with the wrong value, potentially locking the user out of a website.
The documented commands can modify or delete stored credentials. That is expected for a password manager, but it is high-impact if invoked without clear user intent.
ravi passwords update <uuid> --password "NewPass!" ... ravi passwords delete <uuid>
Require explicit confirmation before create, update, or delete actions, and show the domain and username being changed without exposing the password unnecessarily.
Users must trust an external Ravi CLI/service that is not reviewed in this artifact set.
The artifact provides no code or installation details, while the skill relies on external commands to handle plaintext passwords, so provenance and runtime behavior are not verifiable from the supplied package.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; Required binaries (all must exist): none
Verify the official Ravi CLI installation source, authentication model, and documentation before using the skill with real passwords.
