Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Bcrypt Generate

v1.0.0

Hash passwords using bcrypt or verify a password against a bcrypt hash. Use when the user asks to bcrypt a password, generate a bcrypt hash, check if a passw...

by Omar Hernandez @ohernandez-dev-blossom

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ohernandez-dev-blossom/bcrypt-generate.

Install the skill "Bcrypt Generate" (ohernandez-dev-blossom/bcrypt-generate) from ClawHub.
Skill page: https://clawhub.ai/ohernandez-dev-blossom/bcrypt-generate
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install bcrypt-generate

ClawHub CLI

npx clawhub@latest install bcrypt-generate

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)

Purpose & Capability
Name/description match the requested artifacts: the skill is instruction-only and requires only python3 to run bcrypt commands. There are no unrelated env vars, binaries, or config paths requested.
Instruction Scope
Instructions are narrowly focused on hashing and verification using Python's bcrypt library. However, the provided commands embed plaintext passwords directly on the shell command line (python3 -c '...b"PASSWORD"...'), which can expose secrets to shell history and to other local users via process listings on some systems. The SKILL.md does acknowledge complex-password issues and suggests using a temp Python script; it would be safer to recommend reading passwords via stdin or getpass.getpass() to avoid command-line exposure.
Install Mechanism
No install spec is present (instruction-only), so nothing is downloaded or written to disk by the skill itself. The doc correctly instructs the user to pip-install the bcrypt package if missing, which is expected.
Credentials
The skill requests no environment variables, credentials, or config paths. Its needs (python3 and the bcrypt package) are proportional to its purpose.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify other skills/configs. Autonomous invocation is enabled (the platform default) but is not combined with broad access or unusual privileges.
Assessment
This skill appears to do what it claims and asks for nothing unrelated. Primary practical concern: the example commands place plaintext passwords on the command line, which can be recorded in shell history or visible to other local users via process listings. To avoid this, prefer a short Python script that reads the password from stdin or uses getpass.getpass(), or accept the password via a secure prompt/file, instead of embedding it in the -c string. Only install the bcrypt package from PyPI (pip3 install bcrypt) if you trust your environment. Avoid pasting real production passwords into chat or logs.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: python3
latest vk975sj9crs4p2t7s2annv5k92583dekd
98 downloads
0 stars
1 version
Updated 1mo ago
v1.0.0
MIT-0

Bcrypt Generate

Hash passwords with bcrypt or verify existing hashes using Python's bcrypt library.

Input

For hashing:

  • Password string to hash
  • Cost/rounds (default: 10, range: 4–31)

For verification:

  • Password string
  • Existing bcrypt hash string (starts with $2b$ or $2a$)

Output

  • Bcrypt hash string (for hashing mode)
  • True/False result (for verification mode)

Instructions

  1. Determine mode: hash a new password, or verify against an existing hash.

  2. Hashing a password:

    python3 -c "import bcrypt; print(bcrypt.hashpw(b'PASSWORD', bcrypt.gensalt(rounds=ROUNDS)).decode())"
    

    Replace PASSWORD with the actual password and ROUNDS with the cost factor (default 10).

  3. Verifying a password against a hash:

    python3 -c "import bcrypt; print(bcrypt.checkpw(b'PASSWORD', b'HASH'))"
    

    Replace PASSWORD and HASH with the actual values.

  4. Check if bcrypt Python package is available before running:

    python3 -c "import bcrypt" 2>&1
    

    If it fails with ModuleNotFoundError, tell the user:

    "This skill requires the Python bcrypt package. Install with: pip3 install bcrypt."

  5. If python3 is not found at all, tell the user:

    "This skill requires python3. Install with: brew install python3 (macOS) or sudo apt install python3 (Linux)."

  6. Present the hash output on its own line. For verification, report clearly: "Password MATCHES the hash" or "Password does NOT match the hash."

Examples

Hash password "mysecret" with cost 10:

  Command: python3 -c "import bcrypt; print(bcrypt.hashpw(b'mysecret', bcrypt.gensalt(rounds=10)).decode())"
  Output: $2b$10$EixZaYVK1fsbw1ZfbX3OXePaWxn96p36WQoeG6Lruj3vjPGga31lW

Hash password "admin" with cost 12:

  Command: python3 -c "import bcrypt; print(bcrypt.hashpw(b'admin', bcrypt.gensalt(rounds=12)).decode())"
  Output: $2b$12$... (60-char bcrypt hash)

Verify "mysecret" against $2b$10$abc...:

  Command: python3 -c "import bcrypt; print(bcrypt.checkpw(b'mysecret', b'\$2b\$10\$abc...'))"
  Output: True

Error Handling

  • python3 not found → tell user to install Python 3
  • bcrypt module not found → tell user to run pip3 install bcrypt
  • Password contains single quotes → escape them or note that the command must be adjusted; prefer using a temp Python script file for complex passwords
  • Hash string malformed (does not start with $2b$ or $2a$) → warn the user the hash appears invalid before running
  • High cost factor (>= 14) → warn the user this will be slow (intentional for security)
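
The security scan on this page recommends reading the password from stdin or getpass.getpass() rather than embedding it in the -c string, and the list above suggests a script file for complex passwords. A sketch of such a script follows; it is an added example, not part of the skill, and the helper names (read_secret, check_rounds, looks_like_bcrypt) and the verify subcommand are assumptions of this example.

```python
import getpass
import re
import sys

# Shape of a bcrypt string: $2a$/$2b$, two-digit cost, then 53 characters
# of bcrypt base64 (22 salt + 31 digest), 60 characters in total.
BCRYPT_RE = re.compile(rb"\$2[ab]\$(\d{2})\$[./A-Za-z0-9]{53}")


def read_secret(prompt="Password: ", stream=None):
    """Return the password as bytes without it ever appearing in argv."""
    stream = sys.stdin if stream is None else stream
    if stream.isatty():
        text = getpass.getpass(prompt)            # interactive: no echo
    else:
        text = stream.readline().rstrip("\r\n")   # non-interactive: one line
    if not text:
        raise ValueError("empty password")
    return text.encode("utf-8")


def check_rounds(rounds):
    """Enforce the 4-31 cost range the skill documents."""
    if not 4 <= rounds <= 31:
        raise ValueError("rounds must be between 4 and 31")
    return rounds


def looks_like_bcrypt(hash_bytes):
    """True if the value has the $2a$/$2b$ shape and a cost within 4-31."""
    m = BCRYPT_RE.fullmatch(hash_bytes)
    return bool(m) and 4 <= int(m.group(1)) <= 31


def main(argv):
    import bcrypt  # third-party; imported here so the helpers work without it
    if len(argv) >= 2 and argv[0] == "verify":
        stored = argv[1].encode()
        if not looks_like_bcrypt(stored):
            sys.exit("Hash appears invalid (expected $2b$ or $2a$ format)")
        ok = bcrypt.checkpw(read_secret(), stored)
        print("Password MATCHES the hash" if ok else "Password does NOT match the hash")
    else:
        rounds = check_rounds(int(argv[0]) if argv else 10)
        print(bcrypt.hashpw(read_secret(), bcrypt.gensalt(rounds=rounds)).decode())


if __name__ == "__main__":
    main(sys.argv[1:])
```

Saved under a name of your choice, the script takes an optional cost (for example 12) or `verify 'HASH'` as arguments. The password itself is only ever typed at the no-echo prompt or read from stdin, so quotes in it need no escaping and it does not reach shell history or process listings.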
