ClawHub

Password Generator

v1.0.0

Secure password generator with multiple character sets and strength analysis. Use when: (1) generating strong passwords, (2) creating memorable passphrases,...

0· 458·2 current·2 all-time
by@ouyangabel
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (password generator, passphrases, strength analysis) align with the included script and SKILL.md. The code implements generation, passphrases, and analysis using the secrets module; there are no unrelated dependencies or requested credentials.
Instruction Scope
Instructions simply run the included Python script and stay within the stated purpose. Two minor notes: (1) generated passwords and analyzed passwords are printed in plaintext (the SKILL.md mentions this), so users must avoid leaking output or saving it in shell history; (2) passphrase strength reporting is simplistic (the generate_passphrase function returns a fixed "中" strength) and the strength algorithm is basic — acceptable but not a deep entropy estimator.
Install Mechanism
No install spec (instruction-only with a bundled script). Nothing is downloaded or written to disk by an installer; risk from installation is low. The included script is stored in the repository and can be inspected before running.
Credentials
The skill requests no environment variables, credentials, or config paths. The code does not read environment variables or system files — capability requests are proportional to the stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable (default). It does not modify other skills or system configuration and does not request persistent presence or elevated privileges.
Assessment
This skill appears to do what it says: it generates and analyzes passwords locally using Python's secrets module and makes no network calls or credential requests. Before installing or running it: (1) inspect the bundled scripts yourself (they're included) — you already have the source; (2) run it on a trusted machine and avoid pasting generated passwords into insecure places; outputs are printed in plain text so don't rely on shell history to store secrets; (3) note the passphrase word list is small and passphrase strength reporting is simplistic — for high-security use cases consider larger wordlists or vetted entropy estimators; (4) if you need persistent, cross-device storage, prefer a well-reviewed password manager rather than storing generated passwords in files or unencrypted notes.

Like a lobster shell, security has layers — review code before you run it.

encryptionvk97cgwhdrn1a8x8t7z8wt7any581rd9rgeneratorvk97cgwhdrn1a8x8t7z8wt7any581rd9rlatestvk97cgwhdrn1a8x8t7z8wt7any581rd9rpasswordvk97cgwhdrn1a8x8t7z8wt7any581rd9rsafetyvk97cgwhdrn1a8x8t7z8wt7any581rd9rsecurityvk97cgwhdrn1a8x8t7z8wt7any581rd9r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments